Cyber Attack Hacks Costa Rica Government Systems, Departments Involved Halt Services
2022-04-25 | Vinchin Official
Costa Rica government computer systems has crippled for nearly a week since a ransomware attack on April 18, the government had to disable related services since then, though it refused to pay an alleged $10 million ransom while attempting to work things out and bracing for the release of stolen data by hackers.
The hackers accessed sensitive taxpayer information and stole more than 850 gigabytes of material, leading a wide-spread concern about the abuse of stolen information and potential economic losses. The Finance Ministry was the first to bear the brunt and ensuing attacks affected its subordinate systems from tax collection to importation and exportation processes of the customs. Human resources system from social security agency and Labor Ministry followed.
Reuters reports that tax, customs and other platforms’4 days suspension caused a bottleneck in imports and exports, and the exporters chamber of the country reported $200 million losses. Costa Rica normally exports $38 million worth of goods on a daily basis.
Russia based cyber crime Conti was blamed for the incident but the Costa Rica government did not respond on the matter. The intelligent analyst Allan Liska said that the Conti encrypted government files for ransomware or they disclose the stolen data if unpaid. Similar case happened a year ago when Conti ransomware attacked Ireland’s health system.
Costa Rican president Carlos Alvarado asserted the cyberattack on government systems was aimed at destabilizing the country, while the security expert believed it’s because the mostly likely explanation was that the cybercriminals detected the vulnerabilities of Costa Rica computers and exploited them.
Much ink has been spilled over ransomware and the victim enterprises under the threat of it, but what about the way to prevent cyberattacks? They're not 100% evitable, and the only yet most useful thing we can do is to put the anti-cyberattack awareness into daily practice to minimize the loss.
Here are some tips:
1. Antivirus and firewalls
The computer loopholes can be a window for hackers to drop the malware. So, install trustworthy malware software, firewalls and e-mail filters to ensure maximum security. Scan the computer with the software in schedule. Don’t forget to update and patch your computer.
2. Employee training
Make sure your staff aware of the risks and common tricks related to data breaches and arm them with the corresponding measures to be taken in such situations. Besides, IT team can test the disaster scenarios for preparation.
3. Needs-based access with strong passwords
Limit access to sensitive information and remove the access right of dormant or retired employees. Set an alarm trigger for unauthorized access to security team. A strong password is a must. Use combinations different from your personal information on different systems with longest password and two-factor authentication.
4. Threat detection
Have an automated threat detection system for suspicious activities in place to avoid the spread and send notice to the IT team to take action.
5. Frequent data backups
Building a backup environment for your critical data is a must-have for stable IT operations. You can have frequent backups to ensure the maximal data integrity and availability of your important business data, which should be combined with disaster recovery plans for better effect.
6. Establish a complete disaster recovery plan
Save extra data copies at a remote site ensures you have another guarantee for effective data and business recovery after your primary data center is locked by malware. Regular emergency drills are also recommended.
Besides internally getting prepared on your own, proper support from the external side can also be much helpful, especially when you're setting up a backup and disaster recovery plan.
With virtualization becoming a trend in enterprise-grade data centers, Vinchin Backup & Recovery can be a reliable data protection solution for your mission-critical virtual machines, offering agentless, automated frequent VM backup, offsite backup copy, and cloud archive features to help you get fully prepared before cyberattacks.