But the attack on the Treasury is just the beginning. The timeline shared by Mora claims that between April 18 and May 2, Conte attempted to hack a different government organization on an almost daily basis.Local authorities such as the City of Buenos Aires, as well as central government organizations, including Ministry of Labour and Social Security. In some cases, Conte succeeded; in others, it failed. Mora said U.S., Spanish and private companies helped defend against the Conti attack, providing software and indicators of compromise related to the group. “It’s seriously hindering Conte,” he said. (In early May, the United States released $10 million Reward for information on Conte’s leadership. )
On May 8, Chavez began his four-year term as president and immediately declared a “national emergency” due to a ransomware attack, calling the attackers “cyber terrorists.” Chavez said on May 16 that nine of the 27 targeted bodies were “severely affected.” MICIT, which oversees the response to the attack, did not answer questions about the progress of the recovery, despite an initial offer to schedule an interview.
“All the state agencies, they don’t have enough resources,” Robles said. During the recovery process, he said, he saw organizations running on legacy software, which made it harder to enable the services they provided. Some agencies “don’t even have people working on cybersecurity,” Robles said. Mora added that these attacks demonstrate the need for Latin American countries to increase their cybersecurity resilience, enact laws to mandate cyberattack reporting, and allocate more resources to protect public institutions .
But just as Costa began to take control of Conte’s attack, another hammer blow struck. On May 31, the second attack began. The Costa Rican Social Security Fund (CCSS) system, which is responsible for organizing health care, went offline, throwing the country into new chaos.This time HIVE ransomware, it There are some links to Conti, accused.
The attack had a direct impact on people’s lives.Healthcare systems go offline, printers spew garbage, just as Security reporter Brian Krebs. Since then, patients have complained about treatment delays, and the CCSS has warned parents whose children are undergoing surgery that they may have difficulty finding their children. Health services also Start printing discontinued paper forms.
By June 3, CCSS Announce ‘Institutional emergency’, local reports say 759 out of 1,500 Servers and 10,400 computers were affected. A spokesman for CCSS said the hospital and emergency services were now operating normally, and the efforts of its staff had maintained care. Those seeking medical care, however, faced severe disruption: 34,677 appointments had been rescheduled as of June 6. (That figure represents 7 percent of total appointments; CCSS says 484,215 appointments have been made.) Medical imaging, pharmacies, testing labs, and operating rooms are all facing some confusion.
Death of Conte
There are questions about whether the two separate ransomware attacks against Costa Rica are related. However, they arise because the face of ransomware may be changing.Ransomware gangs linked to Russia in recent weeks Changing tactics to avoid U.S. sanctions and is more fighting for their territory than usual.
Conti first announced the attack on the Treasury Department on its blog, where it published the names of the victims and the files stolen from them if they didn’t pay the ransom.A person or group calling itself unc1756 – some use the acronym for “UNC” Security firm points to ‘unclassified’ attackers– used a blog to claim responsibility for the attack. The attackers demanded a ransom of $10 million, which was later increased to $20 million. When there was no payment, they started uploading 672 GB of files to Conti’s website.