SAN JOSE, Costa Rica — After a month of crippling ransomware attacks, Costa Rica has declared a state of emergency. In theory, the measure usually reserved to deal with natural disasters or the COVID-19 pandemic would free up the government to react more nimbly to the crisis.
The declaration refers to the attack Costa Rica is suffering at the hands of “cybercriminals” and “cyberterrorists.”
The Russian-speaking Conti gang had claimed responsibility for the attack. Last week the U.S. State Department offered a $10 million reward for information leading to the identification or location of Conti leaders.
The attack began in April when the Finance Ministry was the first to report that a number of its systems were affected including tax collection and customs. Attacks also targeted the social security agency’s human resources system and Labor Ministry.
The Costa Rican government has not reported an expansion of the attack, but some systems, especially at the Finance Ministry, still are not functioning normally. The government has also not made an estimate of the losses caused by the attack.
Carlos Alvarado was still president when the attacks began and he said Costa Rica would not pay the gang any ransom.
In the U.S. State Department statement last week, it said the Conti group had been responsible for hundreds of ransomware incidents during the past two years. “The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented,” the statement said.
In addition to the ransomware state of emergency, Chaves also eliminated pandemic-related obligatory use of masks in public spaces and issued a decree that urged public institutions to not sanction officials who have not been vaccinated against COVID-19, reversing his predecessor’s policy.