How the Conti ransomware group paralyzed Costa Rica and then fell apart
The country is still struggling despite the collapse of the hacking group after the president refused to pay to end the cyberattack.
In April, a Russian ransomware group called Conti launched a series of linked attacks across 27 departments, starting with Costa Rica’s Ministry of Finance.
Conti offered to return the data for $20 million. But the Costa Rican government refused to pay the ransom, and newly installed President Rodrigo Chaves declared a national emergency, launched a hunt for so-called “traitors” and relied on allies such as the United States and Spain for help.
“We are at war,” Chaves said in the days after his inauguration. He accused the previous administration of concealing the true extent of the destruction and likened it to terrorism.
The attack has paralyzed Costa Rica’s online tax collection and public healthcare, and led to pay cuts for some public sector workers.
At the same time, the hacker group has also fallen victim to geopolitics fueled by the war in Ukraine.
After the group announced its support for Russia, an insider retaliated by leaking its toolkit and internal chat logs.
With the leak came the demise of Conti. By the end of June, Conti’s website mocking Costa Rica and other victims was shut down, as was its dark web negotiation site.
This complicates Costa Rica’s efforts to restore its IT systems: even if it agreed to pay the ransom, the perpetrators could not be contacted.
Spain helped Costa Rica deploy its own ransomware protection software, MicroClaudia, the United States sent a team to assist, and Microsoft, IBM and Cisco donated software and expertise.
Security researcher Shmuel Gihon said: “Conti’s attack in Costa Rica was, in a way, a last desperate attempt and they hoped their actions would draw a little attention.”
Conti is estimated to have had around 400 hackers at one time, along with an undisclosed number of affiliates who rented their toolkits — individuals who have acquired hundreds of millions of dollars in cryptocurrency from at least 600 targets in 2021.
Costa Rica is still grappling with the aftermath of the April hack. As with all successful ransomware attacks, there is no way to decrypt one’s own data without the key — most systems have to be rebuilt from scratch, a process that can take years.
There are signs that Conti is reorganizing in different forms, including a group called BlackBasta, which has attacked 50 institutions in just a few months.