Government refuses to pay extortion on massive cyber attacks 042122

- Photo for illustration purposes only -

You Might
Also Like

Published on Thursday, April 21, 2022
By the A.M. Costa Rica staff

The Government, through the Ministry of the Presidency, confirmed that several of its institutions have been the target of cyberattacks and extortion.

Authorities also confirmed knowing about alleged extortions from the Conti group of a $10 million in exchange for returning the stolen information.

Since Monday, teams of cyber security experts have been working to resolve the attacks on several public institutions, according to Minister of the Presidency Geaninna Dinarte. "This situation, clearly, deserves technical rigor and with that, we are acting," Dinarte said. "But we are also facing a situation that is created by international organized crime and that requires the country to take a firm position."

They will not respond to hackers' extortion. "We are not prepared for any extortion and therefore not for any reward payment, " Dinarte added.

As of Wednesday, five public institutions had already received cyberattacks. The first attack happened on Monday against the Ministry of Finance (www.hacienda.go.cr ) and the Ministry of Science, Innovation, Technology and Telecommunications (www.micitt.go.cr ).

At the close of the edition, both the ministry's sites continued to be down.

On Tuesday, the Twitter account for Social Security (www.ccss.sa.cr.) was hacked. They confirmed the situation was quickly controlled. However, they suffered a second attack on Wednesday. This time cyber criminals broke security systems and accessed Human Resource Department platforms. Social Security has suspended online access to that platform. There are no reports of tampering on their website.

Since yesterday, two more institutions have been hacked. Paola Vega, Minister of Technology, confirmed the Costa Rican Radiographic (racsa.go.cr), an institution in charge of the administration of telecommunications and the National Meteorological Institute (www.imn.ac.cr) were hacked. The cyber criminals accessed and copied email files from both organizations.

At press time, the websites of both organizations were working.

Regarding the cyber attack on the Ministry of Finance, which forced them to suspend its web page, Minister Elian Villegas reported that due to the lack of access to two of its platforms several taxpayers, importers and exporters were affected.

The Virtual Tax Administration platform (ATV) is used by taxpayers to make electronic invoices and tax reports. The Information Technology for Customs Control platform (TICA), is used by importers and exporters to access the National Customs Service.

Given the impossibility of immediately securing both platforms, Villegas asked users to refer to a contingency plan. All taxpayers using ATV and classified as large companies must report their taxes manually through Form D-110. The remaining taxpayers must wait for the platform to be enabled, to declare their taxes or do the electronic invoices.

In the case of the TICA platform used by exporters and importers, the contingency plan allows them to register their operations in coordination with National Customs Service. "National production must be released as soon as possible and we have to work on making imports quickly," Villegas said.

The actions resulting from the massive cyber crimes have the Government Council analyzing the situation and working on a plan to prevent possible new attacks. Alerts have also been issued to the rest of public institutions to be aware of more hacker attacks, authorities said.

Allies, such as the United States, Israel, Spain and the Organization of American States, have offered their help to combat the cyberattack, they added.

The government wants the public to stay calm while their technical expert teams work continuously to restore the virtual platforms that were attacked by cybercriminals.

The cyberattacks were allegedly made by Conti, a group of hackers. In the no official content displayed on those government sites, they were asking the Ministry of Finance for $10 million in exchange for returning the stolen information.

They are related to ransomware that has been under surveillance since 2020, according to NHS Digital, which is the national provider of information, data and IT systems in the UK.

The ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid

Many cybersecurity experts believe that Conti runs out of Russia. In February, members of Conti came out in support of the Russian invasion of Ukraine, according to ZDNet, a site specializing in news coverage and analysis on technologies.

The press conference at the Presidential House on Wednesday was led by Minister of the Presidency Geaninna Dinarte, Minister of Technology Paola Vega, Ministry of Finance Elian Villegas, and Director of Digital Governance Jorge Mora.

------------
What should the government do to prevent more cyberattacks on its institutions? We would like to know your thoughts on this story. Send your comments to news@amcostarica.com