Latin America. The ransomware attacks of the Conti group to Costa Rica made the decree of the state of emergency since April. Recently, the cybercriminal group doubled the cost of the ransom in the face of the executive's refusal to make the payment. The president's response to this situation has been to call it a "war."
According to BBC News, some keys to understanding the cyberattack, which have led President Rodrigo Chaves to assure that "we are at war and that is not an exaggeration", are, among others: that the country has a boom in digitalization, but weakly protected servers and systems. The possible existence of a cell of the Russian group inside the country and the moment of political transition of the president.
However, it has already been confirmed that this attack, which took place on April 18 of this year (2022) affected at least 30 institutions, among which the Ministry of Finance stands out as the most affected, along with other ministries, Social Security and the National Meteorological Institute.
However, what has had the greatest impact is that, due to the hijacking of tax return and foreign trade systems, the country's fiscal functioning was paralyzed. There is a cessation of collection systems and they have been faced with the suspension of salary payments of public sector employees.
Affected teachers and protests
According to the local newspaper La Nación , the attack affected the Integra II payment system, harming the salaries of at least 12,000 educators, who represent 13% of the 88,000 officials of the Ministry of Public Education (MEP).
Although in the face of this crisis the MEP has generated "mirror payrolls" with payments from previous months, since this provisional method does not reflect the contractual reality, in which there are still to process vacations, personnel movements and fill 543 vacancies (among other changes), this strategy has not been enough. So the government has already faced protests from affected teachers.
Pay or not pay?
According to a Kaspersky study on "How business executives perceive the threat of ransomware", of the companies that have not yet been victims of this type of attack, 67% would be willing to pay, but not immediately.
Now, of the 900 respondents, which covered the Americas, Africa, Russia, Europe and the Pacific territory of Asia, 64% of organizations have already been victims of ransomware attacks and among them 79% paid the ransom to their attackers. As relevant data, 88% of the managers of organizations that have already been attacked by ransomware would choose to pay a ransom if they faced this conflict again.
In contrast, Oswaldo Palacios, senior account executive in Mexico and NOLA at Guardicore, assures that the recommendation of the experts is not to pay a ransom demanded by cybercrime, this because some companies pay the ransom fees in full, but do not receive the means to reverse the encryption of their data, so, in those specific cases, organizations spend a lot of time and money to rebuild what was lost.
It is noteworthy that the rescue figure was initially in the 10 million dollars and to date it is at 20 million. A matter that might invite you to wonder why a country with a Gross Domestic Product per capita of 12,408 dollars in 2020 and an economic growth of 7.6% in 2021 does not pay a figure that might sound "small". The answer is that in this case the conflict of paying has deeper and more complex implications.
When a private entity pays for a ransomware attack, it assumes the costs with its own money, although it can be audited by the partners, it is a decision that having the acceptance of the managers can be taken as viable. But it is very different if a government does it, especially considering the public nature of the treasury.
In conclusion, the significance of this attack and the response that the government of Costa Rica can give to recover its systems is intimately related to the image of the State. More than the theft of information, this attack can be a blow to the perception of authority and control before national and international opinion.
