Published: May 11, 2022
In April of this year, the Costa Rican government faced a ransomware attack, which prompted the US State Department to announce a bounty on people with connections to the attack, specifically the Conti ransomware used in the hack.
The new Costa Rican president, Rodrigo Chaves Robles, has declared a national emergency because of this incident, as it affected Costa Rican ministries and institutions like the Ministry of Finance, and Labor and Social Security.
The country’s treasury is also thought to have been affected, as well as the Social Development and Family Allowances Fund. The US government says that this attack has impacted Costa Rican trade as it disrupts their platforms for taxes and customs.
On top of this, the hackers are also leaking data, with almost 700 GB already coming out into Conti’s site.
Besides the bounty, the US government announced a $5 million reward for people with information “leading to the arrest and/or conviction of any individual in any country conspiring to participate in or attempting to participate” in the attack.
This group is known for targeting healthcare facilities, including research centers and hospitals. The group also came forward with support for Russia after the country started the attack on Ukraine.
The group’s chat logs, which were recently leaked, show organizational problems inside the group itself. So, in the Costa Rica attack, the attacker says they’re one of the affiliates using the software, and they aren’t a part of the larger organization.
It isn’t the first time the US has offered bounties for such attacks. Last year, similar bounties were announced on DarkSide and REvil, adding to over 2,000 cyberattacks happening daily.