Published on: May 19, 2022
Russia-based Conti ransomware group has threatened to overthrow the new Costa Rican government following their attack on the country’s administrative systems.
An announcement on Conti’s official website says that the gang has already managed to plant insiders in the government and is working on breaching other systems.
“We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power,” the gang said in a public announcement. “We have our insiders in your government. We are also working on gaining access to your other systems, you have no other options but to pay us.”
Conti increased its demand to $20 million in exchange for the decryption key needed to unblock compromised systems in order to add more weight to its extortion attempt. The gang also posted another message on its website saying that it will delete the decryption keys in a week, possibly leaving impacted administrations in a precarious situation.
“I appeal to every resident of Costa Rica, go to your government and organize rallies so that they would pay us as soon as possible if your current government cannot stabilize the situation? Maybe it’s worth changing it,” read a different message on Conti’s dark web portal.
The attack last month that compromised Costa Rica’s administrative systems caused the country to enter a state of emergency. The threat actors also leaked several collections of data stolen from the affected systems before encrypting the documents.
According to reports, the attack was claimed by a Conti affiliate called “UNC1756.”
Earlier this month, the US State Department announced rewards of up to $10 million for any helpful information that could lead to the identification of Conti’s key members.