Costa Rican President Rodrigo Chaves has said that his country is “at war” with the Conti ransomware gang, according to local media.
The Conti ransomware gang, which is believed to be based in Russia, launched a series of cyberattacks against Costa Rican government agencies last month. In April, the country’s Ministry of Finance was the first agency to report a data breach. More than two dozen other government institutions are affected as well.
Conti is demanding a ransom payment of $20 million from the Costa Rican government. The hackers originally demanded $10 million when the cyberattacks began last month. Conti said that “we are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power.”
“We’re at war and this is not an exaggeration,” Chaves told local media. “The war is against an international terrorist group, which apparently has operatives in Costa Rica. There are very clear indications that people inside the country are collaborating with Conti.”
Chaves declared a state of emergency over the ransomware attacks earlier this month, just a few days after he was sworn in as president of Costa Rica. Chaves said the cyberattacks have affected 27 government institutions. Those institutions include multiple municipalities and state-run utilities.
Earlier this week, the Costa Rican government stated that the hack has affected automatic payment services in the country. The government warned that civil servants will not be paid on time and must apply for their salaries by email, or on paper by hand.
“Due to the temporary downturn of the institutional systems, the service of issuing certificates regarding the amounts of salaries owed to the civil servants of the Central Administration is suspended,” the Costa Rican Treasury said in a statement on Wednesday. “All applications received via email or in the windows of the National Accountancy will be attended to once systems are restored.”
Other Finance Ministry systems were also affected by the hack, AP reported this week. Some of the government systems that were targeted have not yet been fully restored.
Conti is believed to have carried out hundreds of ransomware attacks over the years. The group has launched cyberattacks against companies, as well as public sector organizations such as Ireland’s healthcare system.
“The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented,” the U.S. State Department said in a statement earlier this month.