Surreal: Costa Rica is at “war” against hackers

It’s unheard of: a conflict between a group of hackers and a country. For the first time, hackers have attacked a state and forced its president to take extraordinary measures. No, despite all appearances, it is not Ukraine, but Costa Rica, a small Central American country with five million inhabitants. For several days, the Costa Rican authorities have been fighting a well-known Russian hacker group called Conti. And for now, the hackers are in a position of strength, having managed to cripple a key part of public administration.

The hackers have therefore crossed a new threshold. We were almost used to attacks on SMEs, multinational corporations, universities, hospitals and municipalities. From now on we are talking about a computer attack on a country. It began on April 12 when the attackers managed to break into the servers of the Ministry of Finance, which oversees the country’s tax system. The hackers quickly penetrated other government agencies, including the Departments of Labor and Social Security, as well as agencies that oversee technology and telecommunications. A total of 27 government agencies were affected.

Affected citizens

These breaches followed a classic pattern: accessing sensitive data, encrypting that information, and exfiltrating it. Several tens of gigabytes of data (the figure of 600 GB has been put forward) are in the hands of the hackers, who are gradually publishing them on the dark web.

And the consequences for Costa Ricans are concrete: the country cannot currently collect taxes in the traditional way. Several databases have become inaccessible, forcing taxpayers to file their tax returns at the counter, as online operations are impossible.

That’s not all. Hackers are not only trying to paralyze the state, but also make the citizens pay the price. Their attacks partially paralyzed universities and prevented the payment of pensions and social benefits. Businesses no longer have access to online services, especially for obtaining legal documents.

From 10 to 20 million dollars

This massive pressure on the residents is intentional: the Conti hacker group addressed them directly in several messages posted on the Internet. They first urged citizens to pressure the government to pay an initial ransom of $10 million, which was later doubled. The hackers then became even more explicit, writing: “We are determined to overthrow the government through a cyber attack, we have already shown you all our strength and might.”

So we are talking about an attempted coup by digital means, something that has never happened before. For now, the hackers don’t seem to be able to mobilize citizens against the authorities as no demonstration or public call to pay the ransom has been reported. But at the head of the state, the president seems to have understood the seriousness of the situation. Rodrigo Chaves took office on May 8 and said on May 16: “We are at war. And it’s no exaggeration to say so.”

Communication war

A few days earlier, Rodrigo Chaves declared a state of emergency in the country, stating: “The attack that Costa Rica is suffering, perpetrated by cybercriminals and cyberterrorists, is declared a national emergency”. This decision notably allows him to allocate resources to combat this cyberattack without the consent of Parliament. There is currently no evidence that these funds, the amount of which is unknown, will be used to pay a ransom. “We are facing a situation of inevitable disasters, public disasters and internal and unusual riots that cannot be controlled by the government without extraordinary measures,” said Rodrigo Chaves.

This is not only a computer attack, but also a communication war between the two parties. “We planted our people in your government,” the hacker group said, continuing, “We’re working to gain access to your other systems, you have no choice but to pay us. We know you’ve hired a data recovery specialist, don’t try to find workarounds.” The Conti group is said to have threatened to destroy the digital key used to decrypt the data, an operation that would make it impossible to recover that information.

Revelations about Conti

It is impossible to predict the outcome of this conflict. This digital struggle is taking place in a very specific context. Many cybersecurity experts say the mainly Russian hacking group Conti is on the verge of implosion after revelations about its practices this spring. A significant amount of the group’s data, including internal messages, was disclosed by an apparently Ukrainian member of the gang, who was furious that Conti initially sided with Russia after the attempted invasion of Ukraine. By attacking Costa Rica, Conti is said to be landing one last “hit” before most likely reappearing in other forms through the formation of new hacker groups.
