Conti Pwns The Cost Rican Government

BleepingComputer is reporting that Costa Rica has declared a national emergency after Conti ransomware attacks on multiple government bodies has led to a 672GB data dump, where BleepingComputer observed that Conti’s data leak site had been updated to state that 97% of the data had been leaked:

Conti earlier demanded a $10 million ransom from the Ministry which the government declined to pay, according to

Conti’s leak site presently lists the following government purportedly affected by the attack, as seen by BleepingComputer:

  • The Costa Rican Finance Minsitry, Ministerio de Hacienda
  • The Ministry of Labor and Social Security, MTSS
  • The Social Development and Family Allowances Fund, FODESAF
  • The Interuniversity Headquarters of Alajuela, SIUA

BleepingComputer has not yet analyzed the leaked data but a preliminary analysis of a very small subset of the leaked data shows source code and SQL databases that appears to be from government websites.

Chris Olson, CEO and Founder of The Media Trust had this to say:

“Although Conti does not appear to have been acting on behalf of the Russian-government during its recent attack on Costa Rica, its Russian ties suggest that the country still possesses advanced cyber capabilities which could be leveraged to carry out similar strikes against NATO-aligned countries. This possibility – which experts have debated since the beginning of its attack on Ukraine – is especially worrisome given that Conti targeted more than a dozen critical organizations in the U.S only months before the attack began.”

“Either way, it’s clear that the ransomware game has changed – it’s no longer just about stealing money from large corporations. Faced with the prospect of cyberwarfare and weaponized ransomware attacks, organizations in both the public and private sector should be preparing themselves by hardening their defenses and locking down their digital ecosystem.”

Well, at least they declined to pay the ransom. That’s somewhat positive as that sends a message that you won’t play ball with these scumbags. But this leak appears to be bad. And it is likely we have not heard the last of this story.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: