Conti Ransomware Attack on Costa Rican Government

Infographic Threat Talks - Prevent, Pay or Insure
Listen to Threat Talks - Cybersecurity Podcast on Spotify
Listen to Threat Talks - Cybersecurity Podcast on YouTube
Listen to Threat Talks - Cybersecurity Podcast on Apple Podcasts
Listen to Threat Talks - Cybersecurity Podcast on Amazon Music

Conti Attack on Costa Rica

When Ransomware Halts a Nation

In a devastating demonstration of the impact of a ransomware attack, the Conti group launched an attack against Costa Rica. The attack led to the country declaring a national state of emergency. With health care services ground to a halt and government salaries going unpaid, the attack showcased the vulnerabilities of critical infrastructure when faced with advanced cyber threats.

Yet surprisingly, the techniques used in this attack weren’t even that sophisticated.

In this Deep Dive, host Lieuwe Jan Koning is joined by Threat Intel Specialist Luca Cipriano and Field CTO Rob Maas as they take on the role of red team (Luca) / blue team (Rob) and walk us through this ransomware attack.

 

Explore the Hack’s Route in Detail

Find a complete overview of the Conti Attack and other attacks featured in Prevent, Pay or Insure.

Your cybersecurity experts

Lieuwe Jan Koning, Co-Founder and CTO, ON2IT

Lieuwe Jan Koning

Co-Founder and CTO, ON2IT Group

Luca Cipriano, Threat Intel Specialst, ON2IT

Luca Cipriano

Threat Intel Specialist, ON2IT

Rob Maas, Field CTO, ON2IT

Rob Maas

Field CTO, ON2IT

Episode details

In April 2022, Costa Rica’s government declared a national state of emergency following a ransomware attack by the Conti group.

This cyber offensive crippled critical services, leaving hospitals unable to operate, halting salary payments for government workers, and much more.

Amid the chaos, one unexpected seemingly positive side effect was the temporary suspension of tax collection.

Inside this Deep Dive

  • How It Happened: experts Luca Cipriano and Rob Maas take their usual red team / blue team approach as they break down the attack’s mechanics. Luca walks us through all the steps the hackers took, as Rob focuses on what could have been done to stop these steps from succeeding.
  • Lessons Learned: with a good idea of what techniques and programs were used, we can then focus on what security measures should be in place to prevent such an attack from ever happening again.

 

Enter the dynamic world of cybersecurity

Subscribe to our channels, and stay on to it!

Infographic Threat Talks - Prevent, Pay or Insure
Listen to Threat Talks - Cybersecurity Podcast on Spotify
Listen to Threat Talks - Cybersecurity Podcast on YouTube
Listen to Threat Talks - Cybersecurity Podcast on Apple Podcasts
Listen to Threat Talks - Cybersecurity Podcast on Amazon Music