Jorge Mora, Costa Rica’s digital governance chief, received a message in April from one of his officials: “We couldn’t contain it and they’ve encrypted the servers. We’ve disconnected the entire ministry.”
He was being updated on a harrowing cyber-assault by a notorious Russian ransomware group called Conti, which started at the Central American country’s ministry of finance and eventually ensnared 27 different ministries in a series of interlinked attacks that unfurled over weeks.
The attack was “impressive in its scope”, according to one western official. Usually, hackers manage to gain access to single systems but Costa Rica’s case highlights the risk posed by weak cyber security to a nation’s entire IT infrastructure. In Costa Rica, Conti had spent weeks, if not months, of tunnelling around in its government systems, leaping from one ministry to the other.