HomeNewsMajor Ransomware Attacks in Peru and Costa Rica Spell More Trouble for Region
NEWS

Major Ransomware Attacks in Peru and Costa Rica Spell More Trouble for Region

COSTA RICA / 3 MAY 2022 BY SCOTT MISTLER-FERGUSON EN

A cybercrime group that has threatened to release troves of stolen data from the Costa Rican government has now hit Peru's intelligence agency, showing how governments in the region continue to be easy pickings for ransomware attacks.

The Russian cybercrime group known as Conti announced on April 27 that it had hacked the website of Peru’s National Directorate of Intelligence, local media outlet La República reported. The group has threatened to publish stolen data, which it claims is sensitive, if the government did not pay a ransom.

Just two days later, Conti renewed its pressure on Costa Rica's government. The group said it planned to move onto the “second stage” of its attack and publish the 46 gigabytes of information it stole from the country's finance and labor ministries, as well as other government agencies. The group also warned that the private sector would also be targeted if it did not receive $10 million, reported El Observador. Costa Rica has thus far refused to pay.

SEE ALSO: Latin America Under Threat of Cybercrime Amid Coronavirus

Conti, nicknamed after the software it uses, is considered the largest ransomware gang in the world. The group specializes in so-called big game hunting, which involves selecting high-value institutions for greater payouts and notoriety. In 2021, the group pulled off more than 500 ransomware attacks, according to SC Media, a specialized cybersecurity news outlet.

InSight Crime Analysis

The escalation of cyberattacks on Latin American governments has become increasingly apparent in recent years. Costa Rica and Peru are just the latest targets in a region where institutions lack the resources or capabilities to defend their critical digital infrastructure.

For example, in the Peru attack, Conti's message to the National Directorate of Intelligence specifically noted that there was no data encryption on the network. 

The year 2021 saw an explosion of ransomware attacks in the region. As reported by InSight Crime, in December Brazil’s Ministry of Health was hacked by the cybercrime gang, Lapsus$. Platforms affected included those that tracked COVID-19 vaccinations. Brazil has also suffered 13 separate cyberattacks on its court system in the past 18 months, according to Consultor Jurídico.

In October, information on Argentina's entire population of 44 million was allegedly stolen after the country's National Registry of Persons (Registro Nacional de las Personas - RENAPER) was infiltrated.

In Chile, a customs agency in Valparaíso was similarly infiltrated by the ransomware group Prometheus, which specializes in Latin American targets.

According to digital threat protection platform AdvIntel, a lack of technical expertise and cybercrime legislation are at the root of Latin America's digital vulnerabilities. An Inter-American Development Bank report appears to support this conclusion. At the beginning of 2020, just 12 of the 33 countries in the region had an approved national cybersecurity strategy. 

Steph Shample, a cybersecurity expert and fellow at the Middle East Institute, explained to InSight Crime that Conti is extremely well-organized and careful in selecting targets from which to steal troves of sensitive data.

SEE ALSO: Latin American Governments Easy Prey for Ransomware During COVID-19

According to Shample, the group uses malware like Trickbot and Emotet for initial access to an organization. Defending against such attacks is complicated by human error. When just one employee clicks on a malicious link, an organization's entire critical infrastructure can be compromised.

"They'll get additional credentials. They can read private emails, and read private chats in any company. It only takes one vulnerability and then everything is out there."

share icon icon icon

Was this content helpful?

We want to sustain Latin America’s largest organized crime database, but in order to do so, we need resources.

DONATE

What are your thoughts? Click here to send InSight Crime your comments.

We encourage readers to copy and distribute our work for non-commercial purposes, with attribution to InSight Crime in the byline and links to the original at both the top and bottom of the article. Check the Creative Commons website for more details of how to share our work, and please send us an email if you use an article.

Was this content helpful?

We want to sustain Latin America’s largest organized crime database, but in order to do so, we need resources.

DONATE

Related Content

ARGENTINA / 1 FEB 2022

In 2021, most countries in Latin America and the Caribbean experienced a marked increase in murders. Resurgent violence was to…

COSTA RICA / 2 FEB 2023

Countries across Latin America continue to make stubbornly little progress in the fight against corruption.

BRAZIL / 22 NOV 2021

For the last few weeks, the twists and turns in the case of the Pharaoh of Bitcoins have constantly made…

About InSight Crime

THE ORGANIZATION

Escaping Barrio 18

27 JAN 2023

Last week, InSight Crime published an investigation charting the story of Desafío, a 28-year-old Barrio 18 gang member who is desperate to escape gang life. But there’s one problem: he’s…

THE ORGANIZATION

Europe Coverage Makes a Splash

20 JAN 2023

Last week, InSight Crime published an analysis of the role of Amsterdam’s Schiphol Airport as an arrival hub for cocaine and methamphetamine from Mexico.  The article was picked up by…

THE ORGANIZATION

World Looks to InSight Crime for Mexico Expertise

13 JAN 2023

Our coverage of the arrest of Chapitos’ co-founder Ovidio Guzmán López in Mexico has received worldwide attention.In the UK, outlets including The Independent and BBC…

THE ORGANIZATION

InSight Crime Shares Expertise with US State Department

16 DEC 2022

Last week, InSight Crime Co-founder Steven Dudley took part in the International Anti-Corruption Conference organized by the US State Department’s Bureau of Democracy, Human Rights, & Labor and…

THE ORGANIZATION

Immediate Response to US-Mexico Marijuana Investigation

9 DEC 2022

InSight Crime’s investigation into how the legalization of marijuana in many US states has changed Mexico’s criminal dynamics made a splash this week appearing on the front page of…