Ransomware — and particularly the Conti ransomware gang — has become a geopolitical force in Costa Rica. On Monday, the new Costa Rican president Rodrigo Chaves, who began his four-year term only 10 days ago, declared that the country was “at war” with the Conti cybercriminal gang, whose ransomware attack has disabled agencies across the government since April.
In a forceful statement made to press on May 16th, President Chaves also said that Conti was receiving help from collaborators within the country and called on international allies to help.
“We’re at war and this is not an exaggeration,” Chaves told local media. “The war is against an international terrorist group, which apparently has operatives in Costa Rica. There are very clear indications that people inside the country are collaborating with Conti.”
President Chaves’ declaration of war against Conti comes in the face of unusually belligerent rhetoric from the ransomware group, which stated its intent to “overthrow the government by means of a cyberattack.” In a message posted to the Conti website, the ransomware group urged citizens of Costa Rica to pressure their government to pay the ransom, which has been doubled from an initial $10 million to $20 million.
Over the period of the attack, the US government has also offered a bounty of up to $10 million for information that could identify or locate the main coordinators of the Conti group’s operations or $5 million for information leading to the arrest of any Conti member.
The severe impact of Conti’s attack on the Costa Rican government points to the continued ability of the largest ransomware groups to operate on a scale that can pose a threat to nation states and draw on funding reserves that allow them to buy their way into some of the most sensitive computer systems by bribing those with access.
“We’re at the point now where these ransomware groups make billions of dollars, so their ability to get access to these [networks] is only limited by their own desire,” said Jon Miller, CEO and co-founder of anti-ransomware software platform Halcyon. “Month after month, more of these groups are coming online. This is a drastically growing problem.”
As the Costa Rican crisis continues, more knock-on effects are reaching citizens of the country. Statements made by Chaves put the number of government agencies hit at 27, including the Finance Ministry and the Ministry of Labor and Social Security. One of the effects was that the government was unable to collect taxes through traditional means, Chaves said.
So far, the Costa Rican president has remained intransigent that the government will pay nothing to the ransomware gang. With neither side appearing to budge, the situation has reached a standoff — but one that will be closely watched by other governments hoping to avoid a similar fate.