London Daily

Focus on the big picture.
Sunday, Jul 12, 2026

Cyber attack causes chaos in Costa Rica government systems

Cyber attack causes chaos in Costa Rica government systems

Nearly a week into a ransomware attack that has crippled Costa Rican government computer systems, the country refused to pay a ransom as it struggled to implement workarounds and braced itself as hackers began publishing stolen information.
The Russian-speaking Conti gang claimed responsibility for the attack, but the Costa Rican government had not confirmed its origin.

The Finance Ministry was the first to report problems Monday. A number of its systems have been affected from tax collection to importation and exportation processes through the customs agency. Attacks on the social security agency’s human resources system and on the Labor Ministry, as well as others followed.

The initial attack forced the Finance Ministry to shut down for several hours the system responsible for the payment of a good part of the country’s public employees, which also handles government pension payments. It also has had to grant extensions for tax payments.

Conti had not published a specific ransom amount, but Costa Rica President Carlos Alvarado said, “The Costa Rican state will not pay anything to these cybercriminals.” A figure of $10 million circulated on social media platforms, but did not appear on Conti’s site.

Costa Rican businesses fretted over confidential information provided to the government that could be published and used against them, while average citizens worried that personal financial information could be used to clean out their bank accounts.

Christian Rucavado, executive director of Costa Rica’s Exporters Chamber, said the attack on the customs agency had collapsed the country’s import and export logistics. He described a race against the clock for perishable items waiting in cold storage and said they still didn’t have an estimate for the economic losses. Trade was still moving, but much more slowly.

“Some borders have delays because they’re doing the process manually,” Rucavado said. “We have asked the government for various actions like expanding hours so they can attend to exports and imports.”

He said normally Costa Rica exports a daily average of $38 million in products.

Allan Liska, an intelligence analyst with security firm Recorded Future, said that Conti was pursuing a double extortion: encrypting government files to freeze agencies’ ability to function and posting stolen files to the group’s extortion sites on the dark web if a ransom wasn’t paid.

The first part can often be overcome if the systems have good backups, but the second is trickier depending on the sensitivity of the stolen data, he said.

Conti typically rents out its ransomware infrastructure to “affiliates” who pay for the service. The affiliate attacking Costa Rica could be anywhere in the world, Liska said.

A year ago, a Conti ransomware attack forced Ireland’s health system to shut down its information technology system, cancelling appointments, treatments and surgeries.

Last month, Conti pledged its services in support of Russia’s invasion of Ukraine. The move angered cybercriminals sympathetic to Ukraine. It also prompted a security researcher who had long been surveilling Conti to leak a massive trove of internal communications among some Conti operators.

Asked why Central America’s most stable democracy, known for its tropical wildlife and beaches, would be a target of hackers, Liska said the motivation usually has more to do with weaknesses. “They’re looking for specific vulnerabilities,” he said. “So the most likely explanation is that Costa Rica had a number of vulnerabilities and one of the ransomware actors discovered these vulnerabilities and was able to exploit it.”

Brett Callow, a ransomware analyst at Emsisoft, said he looked at one of the leaked files from the Costa Rican finance ministry and “there doesn’t seem to be much doubt that the data is legit.”

On Friday, Conti’s extortion site indicated it had published 50% of the stolen data. It said it included more than 850 gigabytes of material from Finance Ministry and other institutions’ databases. “This is all ideal for phishing, we wish our colleagues from Costa Rica good luck in monetizing this data,” it said.

That seemed to contradict Alvarado’s assertion that the attack was not about money.

“My opinion is that this attack is not a money issue, but rather looks to threaten the country’s stability in a transition point,” he said, referring to his outgoing administration and the swearing in of Costa Rica’s new president May 8. “They will not achieve it.”

Alvarado did allude to the possibility that the attack was motivated by Costa Rica’s public rejection of Russia’s invasion of Ukraine. “You also can’t separate it from the complex global geopolitical situation in a digitalized world,” he said.
Newsletter

Related Articles

0:00
0:00
Close
United Kingdom Financial Regulator Introduces Tougher Capital Rules for Cryptocurrency Exchanges
Belfast Harbour Expands Operations to Attract Investment Through United Kingdom and European Union Market Access
Scottish Government Threatens Legal Challenge Over Westminster Cuts to North Sea Transition Funding
United Kingdom Accelerates Trans-Pennine High-Speed Rail Project Linking Northern Cities
United Kingdom Secures Ten Billion Pound Investment for Cambridge Quantum Computing Campus
Port Talbot Steelworks Wins Support for Green Hydrogen Transition and Protection of Industrial Jobs
United Kingdom Sends Royal Navy Carrier Strike Group to Indo-Pacific as Regional Security Focus Expands
National Health Service Expands Artificial Intelligence Diagnostics Across England to Reduce Screening Backlogs
United Kingdom Launches Fifty Billion Pound Infrastructure Fund to Accelerate Housing and Construction
UK Medical Chiefs Update Health Guidance to Promote Everyday Physical Activity
Office of Communications Keeps Wikipedia Under Review Under UK Online Safety Rules
UK Defence Ministry Expands Deep-Strike Capability Through Precision Missile Programme
Russell Group Universities Warn Funding Cuts Could Damage NHS Workforce Training
UK Parliament Calls for National Emergency Broadcast as Heatwave Conditions Intensify
UK and Netherlands Strengthen Naval Cooperation With New Amphibious Defence Partnership
UK Defence Ministry Joins International Missile Programme With One Hundred and Ninety Million Pound Investment
Bank of England Warns Middle East Conflict and AI Risks Could Pressure UK Economy
UK Government Introduces New Rules to Limit Foreign Influence in Political Donations
UK and France Prepare Naval Mission to Protect Shipping Through Strait of Hormuz
United States Pressures UK to Increase Defence Spending at NATO Summit
Bank of England Warns Artificial Intelligence Investment Boom Could Create Financial Stability Risks
Bank of England Begins Direct Oversight of Critical Technology Providers Supporting UK Finance
Andy Burnham Set to Become UK Prime Minister After Labour Leadership Race Clears Path to Downing Street
Scottish Fishing Industry Calls for Emergency Support Amid Rising Costs
UK Supports Stronger European Response to Russian Actions in Ukraine
Devon and Cornwall Police Release Suspect in Ann Widdecombe Murder Investigation
Scottish MPs Demand More Government Support for Fishing Industry
UK Aviation Sector Faces New Rules as Parliament Reviews Passenger Protection Reforms
King’s College London Disciplines Students Over Pro-Palestine Campus Protests
Ministry of Defence Expands Military Capabilities Through New Precision Strike Investment
United Kingdom Condemns Russian Treatment of Ukrainian Children at International Security Forum
House of Lords Reviews Civil Aviation Bill to Strengthen Passenger Rights and UK Aviation Competitiveness
UK Aerospace and Defence Industries Contribute Nearly Forty-Seven Billion Pounds to Economy
UK Government Advances Consultation on Possible Social Media Ban for Children Under Sixteen
United Kingdom Ratifies Global High Seas Treaty to Protect Marine Biodiversity
United Kingdom Joins United States Precision Strike Missile Programme With One Hundred Ninety Million Pound Investment
UK Senior NHS Doctors Vote for Further Strike Action Over Pay and Contract Disputes
BBC Leadership Resigns After Donald Trump Launches Ten Billion Dollar Defamation Lawsuit
UK Fiscal Watchdog Warns Andy Burnham Government Faces One Hundred Billion Pound Budget Challenge
The AI Invoice Shock: Layoffs Didn't Save Managers Money — They Cost Them More
Concern: Sexually Transmitted Bacterium Among Men Develops Antibiotic Resistance
Following Massive Investor Demand: SK Hynix Raises 26.5 Billion Dollars on Nasdaq
Passenger Partially Pulled Out of Ryanair Jet After Cabin Window Fails Mid-Flight
After Four Years, and Under a Heavy Veil of Secrecy: King Charles Meets His Grandchildren, Harry and Meghan's Children
Cross-Party MPs Call for National Climate Emergency Broadcast
Bayeux Tapestry Arrives in the United Kingdom for Landmark Exhibition
United Kingdom Launches Modern Slavery Prevention Programme in Vietnam
Police Warn Against Misinformation Following Disorder in Glasgow
Pension Reform Takes Effect to Consolidate Workplace Savings Industry
Treasury and Bank of England Monitor Economy as Energy Price Pressures Ease
×