SAN JOSE, Costa Rica ( Associated Press) — Ransomware gangs that infiltrated some Costa Rican government computer systems have increased their threat, saying they now aim to overthrow the government.
Perhaps taking into account the fact that President Rodrigo Chaves was only in office for a week, the Russian-speaking Conti gang tried to increase the pressure to raise their demand to $20 million.
Chaves suggested at a news conference on Monday that the attack was coming from inside as well as outside Costa Rica.
“We are at war and that’s no exaggeration,” Chaves said. He said the officers were fighting a national terrorist group that had allies inside Costa Rica.
Chaves also said the impact was wider than previously known, affecting 27 government institutions, including municipalities and state-run utilities. He did not blame his predecessor, Carlos Alvarado, for not investing in cyber security and for dealing more aggressively with attacks during his government’s weak days.
Conti warned in a message on Monday that she was working with people inside the government.
“We have insiders in your government,” the group said. “We are also working on gaining access to your other systems, you have no other option but to pay us. We know you hired a data recovery specialist, don’t try to find a solution. “
Despite Conti’s threat, experts see regime change as a highly unlikely – or real – goal.
“We haven’t seen anything close to this before, and this is a pretty unique situation,” said Emsisoft ransomware analyst Brett Callow. “The danger of overthrowing the government is just that they are making noise and it should not be taken very seriously, I will not say that,” he said.
“However, the threat that they may cause more disruption than ever before is potentially real and there is no way of knowing how many other government departments they have compromised but not yet encrypted.”
Conti invaded Costa Rica in April, giving access to several key systems in the finance ministry, including customs and tax collection. Other government systems were also affected and a month later all are not fully functioning.
Chaves declared a state of emergency over the attack as soon as he was sworn in last week. The US State Department offered a $10 million reward for information on the identity or location of the Conti leaders.
“We are determined to overthrow the government through cyberattacks, we have already shown you all the might and power, you have initiated an emergency,” Conti wrote in response.
The gang also said it was raising the ransom demand to $20 million. It called on Costa Ricans to pressure their government to pay.
The attack encrypted government data and the gang said on Saturday it would remove the decryption keys if the ransom was not paid in a week.
A US State Department statement last week said the Conti group was responsible for hundreds of ransomware incidents during the past two years.
“The FBI estimates that as of January 2022, there were more than 1,000 victims of attacks involving the Conti ransomware, with victim payouts exceeding $150,000,000, making the Conti ransomware variant the most expensive version of ransomware to date,” the statement said. became a strain.”
Although the attack seems to be raising unwanted tensions in Chávez’s early days in office, it is unlikely that the gang was anything other than a monetary motivation.
“I believe this is simply a for-profit cyber attack,” said Callow, the analyst. “nothing more.”
,
Associated Press writer Christopher Sherman in Mexico City contributed to this report.
,
