In May of this year, Costa Rica’s newly elected President Rodrigo Chaves declared, “We are at war.” It was significant considering that Costa Rica is one of the few countries in the world that does not have a military. Also atypical is Costa Rica’s opponent in this war: a nonstate hacking organization based in Russia. The organization, Conti ransomware, had taken significant portions of the Costa Rican government’s computer systems offline, threatening the economy and state operations.
While the attack likely took months of preparation and planning, it wasn’t revealed until early 2022, when the Conti ransomware group announced that it had taken over computers in various Costa Rican government agencies, including the Finance Ministry and the tax collection agency. Since the initial attack in April, nearly every Cabinet agency has been hit, and new waves of attacks have shut down computer systems in other sectors, including health care.
These attacks have cost the government hundreds of millions of dollars in losses, though some of that money will be recuperated as systems return online. The bulk of those losses resulted from the sheer number of government services that were shut down by the attack. Automated tax payments, for example, couldn’t be made online. Some citizens were told to calculate their own taxes and then stand in line at agency offices to pay in person, and the government doesn’t yet know whether people paid the correct amount. Medical records and appointments, too, were inaccessible, with government agencies missing scheduled payments to some government employees and citizens who receive state subsidies. On top of these disruptions, Conti claims to have acquired the personal data of many Costa Rican citizens and has threatened to publish all of it online.