Following a large ransomware assault on the Costa Rican government in April, the US government issued a notice this week imposing a bounty on those associated with the Conti ransomware used in the hack, which may be worth millions of dollars. According to CyberScoop, Costa Rica’s newly sworn-in president, Rodrigo Chaves Robles, declared a national emergency as a result of the assault.
According to BleepingComputer, the ransomware assault hit Costa Rica’s finance, labor, and social security ministries, as well as the country’s Social Development and Family Allowances Fund. The attack, according to the report, started on April 18th and disrupted several treasury functions. According to CyberScoop, hackers are releasing data as well as taking down some of the government’s systems. Nearly 700GB of data has made its way onto Conti’s site.
The assault “severely damaged the country’s external trade by disrupting its customs and taxation platforms,” according to the US State Department, which is offering “up to $10 million for information leading to the identity and/or location” of the perpetrators behind Conti. A $5 million reward is now being offered by the US government for information “leading to the arrest and/or conviction of any anyone in any nation conspiring to engage in or trying to participate” in a Conti-based ransomware assault.
The US announced comparable bounty on REvil and DarkSide last year (the group behind the Colonial Pipeline attack). After the US allegedly hacked the group’s computers and the Russian government claimed to have arrested some members, REvil is widely assumed to be defunct.