IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Ransomware group Conti threatens to overthrow Costa Rican government

It has urged citizens to go out onto the streets to demand their government pays the ransomware demand

The ransomware group Conti has threatened to overthrow the Costa Rican government after demanding the country pay $10 million last week to unlock key government systems affected by a cyber attack.

The group has now increased the pressure on the Costa Rican government to pay a ransom by raising its demand to $20 million, according to the AP. However, it remains unclear as to why the ransomware group is targeting this country in particular.

The attack is coming from inside and outside Costa Rica, President Rodrigo Chaves said in a news conference yesterday. He underlined the country was at war and that officials were battling a national terrorist group that had collaborators inside the country too.

The president added that the cyber attack’s impact was broader than initially suggested, affecting 27 government institutions, including state-run utilities. Chaves, who has been in his role for just over a week, blamed former president Carlos Alvarado for not investing enough in cyber security and for not dealing with the attacks in the last days of his government.

Conti warned Costa Rica that it has insiders in the government, the group said in a message posted yesterday. It emphasised that the country has less than a week left to pay the ransom before it destroys the keys to unlocking the devices affected by its ransomware. The group added that it knew the government had hired a data recovery specialist and warned it not to find workarounds.

“I once again appeal to the residents of Costa Rica go out on the street and demand payment,” said the message from Conti. “Another attempt to get in touch through other services will be punished by deleting the key.”

On 14 May, the ransomware group published a post titled “For Costa Rica and US terrorists (Biden and his administration)” where it urged the country to pay before it was too late. It highlighted that the country was destroyed by two people and that Conti was determined to overthrow the government by means of a cyber attack.

The group then updated this message on the same day, changing it to a more conciliatory tone. It asked why the country wouldn’t just buy a key, and questioned whether there had been cases where a country has entered a state of emergency following a cyber attack.

“I appeal to every resident of Costa Rica, go to your government and organise rallies so that they would pay us as soon as possible,” said the message. “If your current government cannot stabilise the situation? Maybe it’s worth changing it?”

President Chaves declared a state of emergency on 8 May after Costa Rica was hit by Conti ransomware in April. The full impact of the attack was initially unknown, although it did affect the Treasury, leaving it without digital services and having to resort to manual processes to complete its work. Conti asked for a $10 million ransom and underlined that around 97% of the data it had taken had been published, with around 672GB of information taken.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Government competition promises £12 million fund for UK tech startups
Business strategy

Government competition promises £12 million fund for UK tech startups

28 Jun 2022
New health data strategy to consult public on NHS data use
public sector

New health data strategy to consult public on NHS data use

13 Jun 2022
Second ransomware group attacks Costa Rica
ransomware

Second ransomware group attacks Costa Rica

1 Jun 2022
UK plan to abandon big tech regulator powers “makes no sense”
Policy & legislation

UK plan to abandon big tech regulator powers “makes no sense”

3 May 2022

Most Popular

Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022
The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022