{
	"id": "123eb2db-97ed-4d11-b490-7aafaa40cd31",
	"created_at": "2026-04-06T00:13:06.838092Z",
	"updated_at": "2026-04-10T03:21:43.229732Z",
	"deleted_at": null,
	"sha1_hash": "88089009133ee6eb01299e926a8e476ca4b2286b",
	"title": "Conti ransomware attack was aimed at destabilizing government transition, Costa Rican president says",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 72956,
	"plain_text": "Conti ransomware attack was aimed at destabilizing government\r\ntransition, Costa Rican president says\r\nBy Jonathan Greig\r\nPublished: 2023-01-12 · Archived: 2026-04-05 15:10:56 UTC\r\nSeveral systems operated by the government of Costa Rica were hit with a ransomware attack this week,\r\naccording to the country’s president Carlos Alvarado Quesada.\r\nThe Conti ransomware group added systems connected to several government agencies to its list of victims on\r\nTuesday and Wednesday. Government officials confirmed Conti’s involvement. \r\nQuesada said the attack was meant to “threaten the stability of the country in a transition situation.” The country\r\nelected a new president – former World Bank official Rodrigo Chaves – on April 4. \r\nQuesada released a video addressing the ransomware attack on Thursday, telling the public that the country will\r\nnot pay the ransom, which some have said is $10 million.\r\n“It is not just an attack on the institutions affected, the government or importers and exporters. It is a criminal\r\ncyberattack on the state and the entire country. It cannot be separated from the complex global geopolitical\r\nsituation in a digitalized world,” he said. \r\n“There are several institutions that have been attacked, the most notable being the Ministry of Finance. Pension\r\npayments have already been deposited and social assistance, such as the Let's Advance program, will start\r\ntomorrow as is scheduled. The same will be done next week with the public forms as well work is being done to\r\nstandardize import and export processes.” \r\nQuesada said the country was receiving support and assistance from private sector companies as well as the US,\r\nIsrael and others. \r\nFinance Minister Elian Villegas told Reuters that the group breached the platforms managing customs, which\r\nincluded troves of historical taxpayer information considered \"sensitive.\" \r\nOne exporter union estimated that $200 million was lost on Wednesday due to the bottlenecks caused by a fourth\r\nday of outages related to the disruption of the tax and customs platforms. \r\nThe Finance Ministry warned the country’s residents to be wary of phishing messages asking to create a new set\r\nof passwords.\r\nBusiness leaders told the Associated Press that they were fearful of financial and personal information being\r\nstolen, leaked to the press or sent to government officials. \r\nThe outgoing president signed a directive on Thursday that made it mandatory for all government bodies to report\r\nsecurity incidents to the country’s Computer Security Incident Response Center. The directive also orders all\r\nhttps://therecord.media/conti-ransomware-attack-was-aimed-at-destabilizing-government-transition-costa-rican-president-says/\r\nPage 1 of 3\n\nagencies to patch systems, change passwords, disable unnecessary ports and monitor network infrastructure. \r\nGet more insights with the\r\nRecorded Future\r\nIntelligence Cloud.\r\nLearn more.\r\nNo previous article\r\nNo new articles\r\nJonathan Greig\r\nis a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since\r\n2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.\r\nHe previously covered cybersecurity at ZDNet and TechRepublic.\r\nhttps://therecord.media/conti-ransomware-attack-was-aimed-at-destabilizing-government-transition-costa-rican-president-says/\r\nPage 2 of 3\n\nSource: https://therecord.media/conti-ransomware-attack-was-aimed-at-destabilizing-government-transition-costa-rican-president-says/\r\nhttps://therecord.media/conti-ransomware-attack-was-aimed-at-destabilizing-government-transition-costa-rican-president-says/\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://therecord.media/conti-ransomware-attack-was-aimed-at-destabilizing-government-transition-costa-rican-president-says/"
	],
	"report_names": [
		"conti-ransomware-attack-was-aimed-at-destabilizing-government-transition-costa-rican-president-says"
	],
	"threat_actors": [],
	"ts_created_at": 1775434386,
	"ts_updated_at": 1775791303,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/88089009133ee6eb01299e926a8e476ca4b2286b.pdf",
		"text": "https://archive.orkl.eu/88089009133ee6eb01299e926a8e476ca4b2286b.txt",
		"img": "https://archive.orkl.eu/88089009133ee6eb01299e926a8e476ca4b2286b.jpg"
	}
}