QCOSTARICA – The Government of Carlos Alvarado is firm that it will not pay the group of hackers that continues the cyberattack on the systems of the Ministerio de Hacienda (Ministry of Finance) and at least five institutions have been the target of hackers since Sunday night.
On the list, in the addition to the Ministry of Finance, are the Ministry of Science, Innovation and Technology (Micitt), the Instituto Meteorológico Nacional (IMN), the Radiográfica Costarricense (Racsa) and a Caja Costarricense de Seguro Social (CCSS) portal.
At a press conference by the head of Micitt, Paola Vega, on Wednesday, according to her, in the case of the Micitt they only found a “modification of the contents of the web page,” with no evidence that information had been extracted.
In the case of the IMN and Racsa, what happened was a “process of extracting email archives”, confirmed Vega.
At the CCSS, the institution confirmed its Human Resources portal was targeted.
The Minister of the Presidency, Geannina Dinarte, on Wednesday, ruled out that they will give in to extortion or requests for a ransom payment.
Dinarte explained that they have not received a specific note, but it is mentioned in the “dark web” where the publication of the attack and US$10 million dollar ransom demand was made,
“Apparently it is The Conti Group and it is under that page that it has made the publication,” confirmed Jorge Mora, director of Digital Governance, of the Micitt.
Dinarte was clear that the situation is “under control” and that prevention and monitoring protocols are being followed.
The Minister confirmed that the payment of public sector salaries will be made next week without any setbacks.
The Presidency indicated that all State institutions have been advised to carry out preventive reviews of their systems and servers.
Money in banks is not at risk of hackers
The money of hundreds of thousands deposited in Costa Rica’s banks is not at risk of being stolen by hackers, according to the government
“The national financial system is the most robust in terms of data protection and cybercrime. They have been training and investing regularly for several years, I know this from direct knowledge (…) We can say that the larger the institution, the greater the investment made,” said Mora.
So far, Spain, the United States, Israel, Microsoft and GBM, the leading IT services company in Central America and the Caribbean, have offered their help to the country to regain control of Treasury platforms.
‘Conti attacks in Costa Rica since 2020’
While the cyberattack took the Government and the majority of the country’s population by surprise, it was not so for those who work in the computer security sector.
Esteban Jiménez, a specialist in cybersecurity and founder of Atticyber, told La Nación that his company deals with incidents triggered by this type of ransomware program in private companies, since 2020, when Conti became known internationally.
The cyber security expert explained that to “disinfect” a computer system has taken up to three weeks in the most complicated cases.
In the La Nacion interview, Jiménez pointed out that The Ministry of Finance did do something different and important, it was open to receiving support from specialists from different parts of the country and internationally.
“Unlike, on other occasions in the past, that (companies) have closed to receive support. The Treasury has allowed people with a lot of capacity to help in the recovery lines,” said Jiménez.
Basic measures
The danger of blackmail by cybercriminals, loss of valuable information and exposure of data to other competitors and to public opinion are latent threats.
The government warned that companies could be the next target of criminals and are being advised to implement measures to improve their computer security.
At home, unlikely you will be targeted for millions of dollars in ransom, but still can be a target of a cyberattack, fake (as in the case of the emails you may have received claiming a hack of your computer’s camera…) or real.
To protect yourself, install an antivirus program or two, do not open suspicious emails or download unknown files.