Ransomware Assault on Costa Rican Government

A harrowing cyber-assault by the notorious Russian ransomware group called Conti left
the government in Costa Rica so severely crippled that staff at affected organizations
had to use pen and paper to get things done. The assault started at the Central
American country’s ministry of finance and eventually enmeshed 27 different
ministries in a series of interlinked attacks over a period of weeks. This attack highlights
the risk of weak cyber security to a nation’s entire IT infrastructure. Conti offered to
return the data at a price of up to $20M, but the Costa Rican government refused to pay
the ransom. Shortly after Conti made this demand, its public-facing website was shut
down along with its dark-web negotiations site. Costa Rica’s efforts to regain control of
its IT systems were stymied. For victims, paying the ransom is no guarantee they will be
able to retrieve their data. Of all ransomware victims, 32% pay the ransom, but they
only get 65% of their data back.