According to HealthcareInfoSecurity, Costa Rica’s national public health services agency has been hit by a cyberattack allegedly launched by ransomware group Hive, which comes just weeks after another ransomware group, Conti, targeted several Costa Rican government agencies, including the same health agency. Privacy, cybersecurity and data strategy counsel Jason G. Weiss addressed the trend of ransomware groups appearing to join forces.
“It appears that some of these ransomware gangs may be collaborating and even sharing information to other gangs in order to increase the number and severity of attacks, possibly to try and extort a higher ransom,” said Weiss. “This is a dangerous evolution in the battle against these ransomware gangs as it makes it even harder for victims to protect themselves when there is collaboration and information sharing among the cyberthreat actors.”
Other governments should look at this development “as a huge wake-up call,” Weiss expressed, to perform a proactive review of their critical networks, look for indicators of compromise and indicators of attack, and start hardening their networks as soon as possible.
“It appears that the Costa Rican government had some areas that were open to attack, and that Hive and Conti were able to exploit that,” Weiss explained. “That also tells me that other groups are going to copy this blueprint against not just Costa Rica but other countries to see if they can exploit network weaknesses and launch their malware.”