Tuesday 28 March 2023

Hacking of the CCSS: Hospitals can’t turn on computers

CCSS does not know when it will recover computer systems: "It was an exceptionally violent attack"

Paying the bills


Bomberos report on average two vehicle fires per day

QCOSTARICA - The Cuerpo de Bomberos (Fire Department) reported...

Government signs decree to eliminate mandatory vaccination against Covid-19 in the elderly

QCOSTARICA - President Rodrigo Chaves, signed the decree that...

Every 11 minutes there is a crime in Costa Rica

QCOSTARICA - Every 11 minutes and 46 seconds, a...

Central Bank went too far, says José Álvaro Jenkins, president of Uccaep

QCOSTARICA - The measures taken by the Banco Central...

Vehicle restrictions of San Jose suspended for Semana Santa

QCOSTARICA - Driving in and around the inner core...

Uncovering the secret religious and spiritual lives of sex workers

Q REPORTS (The Conversation) Tanya* is telling me just...

Costa Rica strengthens trade relations with the Netherlands

QCOSTARICA - Within the framework of President Rodrigo Chaves'...

Dollar Exchange

¢541.05 Buy

¢547.52 Sell

28 March 2023 - At The Banks - BCCR

Paying the bills


QCOSTARICA – The hacking that the Caja Costarricense de Seguro Social (CCSS) suffered early Tuesday is having a direct impact on patients, impacting care for thousands of policyholders, especially since the entity’s instruction is that they should not turn on computers.

CCSS main offices in downtown San Jose

The Caja’s executive president, Álvaro Ramos, was emphatic that it was their decision to shut down the computers as a preventive measure while the IT department try to measure the scope of the hack.

At a press conference on Tuesday, Ramos said they do not know when the computer servers will recover after the cyber attack.

- Advertisement -

Of the institution’s 1,500 computer servers, 30 were affected. The Caja guarantees that there was no leakage of sensitive information and announced that in a few days it will know how compromised the systems are.

Ramos added that the attack was exceptionally violent, to the point it was inevitable that systems such as EDUS and Sicere would be affected.

What happened?

The CCSS reported the attack at around 6 am Tuesday. The director of the Directorate of Information and Communication Technologies, Roberto Blanco, reported that the corresponding analyzes are currently being carried out to determine the scope of the cyber attack.

“The entity added that it is working to restore critical services, “but it is not yet possible to determine when they will be in operation. For now, preventively all systems have been lowered.

“All health centers are implementing their contingency plan to guarantee the continuity of care for users based on their capacities and resources with the aim of organizing services with the least possible impact,” said the Caja Costarricense de Seguro Social on social networks

“We are working with the entire specialized team to determine the course and how to lift the critical systems,” said Blanco.

- Advertisement -

Through Twitter, the account specialized in cyberattacks, Bettercyber, posted that there are sources that indicate that the Hive Ramsonware Group is responsible for this attack.

The Caja confirmed that Hive software was indeed detected. The Hive Group was detected for the first time in June 2021, and it usually attacks various sectors, mainly institutions or companies associated with health.

Conti attacks

The CCSS comes after Costa Rica declared a national emergency following Conti ransomware attacks that hit multiple government institutions.

- Advertisement -

The first alert of suspicious activity was detected at the Ministerio de Hacienda (Ministry of Finance) on Sunday, April 17.

The previous government began dragging its feet until accepting that it had been hacked.

The list of government entities hit by Conti affiliates also includes, in addition to the Ministerio de Hacienda, entities such as:

  • Ministerio de Trabajo
  • Fondo de Desarrollo Social y Asignaciones Familiares (Fodesaf)
  • Instituto Meteorológico Nacional (IMN)
  • Radiográfica Costarricense (Racsa)
  • Sede Interuniversitaria de Alajuela (SIUA)
  • Instituto de Desarrollo Rural (Inder)
  • Junta Administrativa del Servicio Eléctrico de Cartago (Jasec)
  • Fábrica Nacional de Licores (Fanal)
  • Municipalidad de Santa Bárbara, Buenos Aires, Garabito and Alajuelita

“The attack that Costa Rica is suffering from cybercriminals is declared a national emergency and we are signing this decree, precisely, to declare a state of national emergency throughout the public sector of the Costa Rican State and allow our society to respond to these attacks as criminal acts,” said Costa Rican President Rodrigo Chaves when signing the Executive Decree on May 8, one of his first acts following his investiture.

The Conti gang has demanded a US$10 million ransom from the Costa Rica government which it has declined to pay.

The U.S. government is now offering rewards of up to US$15 million to anyone who can provide information that can lead to the identification and arrest of Conti ransomware’s leadership and operators.

Evidence links Hive to Conti Group, but criminals deny it. Sites specialized in cybersecurity reported weeks ago that, after the announcement of a million-dollar reward from the FBI  after the massive computer attack on the Government of Costa Ricato, the criminals from that organization began to migrate to other smaller ones or founded some of their own and that Conti had begun a slow process of closing operations.

Bleeping Computer LLC reported that some of its hackers migrated to organizations like Hive, HelloKitty, AvosLocker, BlackCat, BlackByte, and others. However, Hive Ramsomware Group has refused to be linked to Conti, despite the fact that once the process of closing operations began and its hackers moved to that other criminal group, the organization began the tactic of publishing the leaked data on the deep web, just like Conti did.



- Advertisement -
Paying the bills
Avatar photo
"Rico" is the crazy mind behind the Q media websites, a series of online magazines where everything is Q! In these times of new normal, stay at home. Stay safe. Stay healthy.

Related Articles

In Costa Rica, 359,000 people suffer from a rare disease

QCOSTARICA - In Costa Rica, approximately 359,000 people suffer from a...

A slight increase in Covid-19 cases during the second week of February

QCOSTARICA - The Ministry of Health reported a slight increase in...

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.