Conti, a group of hackers originated and based in Russia, claimed to have hacked into Costa Rica’s Ministry of Finance’s websites, obtaining 1 terabyte of taxpayers’ information. This was announced by the BetterCyber account through a series of tweets.
The Customs Information System (TICA), which is used by domestic importers and exporters, and customs agencies, as well as the Virtual Tax Administration (ATV), used by large and small taxpayers to file their income tax and sales tax returns (among other tax obligations), were both affected.
Meanwhile, the Ministry of Finance issued a statement in which they informed that given the technical problems experienced in Virtual Tax Administration (ATV) and Customs Information System (TICA) platforms, the deadline for filing and payment of taxes had been extended to the next business day after the computer systems are fully reestablished.
“At this moment the Virtual Tax Administration (ATV) and TICA platforms are out of service. Our technical teams are working to restore them as soon as possible. As soon as the situation is resolved, it will be communicated through this site,” explained the Ministry of Finance via Twitter.
Regarding the imports and exports, authorities announced “The National Customs Service will apply the contingency plan for this activity according to the established procedures. Other operations in the system will be reestablished once the situation is resolved”.
During the afternoon, The Ministry of Finance issued a public statement accepting its platform was hacked. Nevertheless, they did not confirm if Conti was responsible.
“We have been facing a situation in some of our severs since early morning (Monday April 18th) which has been addressed by our staff and external experts, who during the last few hours have tried to detect and repair the problems that are occurring,” the public entity said in a press release.
The Ministry of Science, Innovation, Technology and Telecommunications (Micitt) confirmed they informed Treasury of the alleged “malicious activity” on Sunday April 17th.
The attack orchestrated by the cybercriminals is considered to be a “Ransomware” type, restricting access to files on an infected system by encrypting them and requesting money to reverse the situation.
Conti asked the Costa Rican government for $10 million, in exchange for not publishing the information. “We’re asking for just $10 million to keep your taxpayer data” reads a post from the BetterCyber account on Twitter. According to Conti, without the ransom, they would begin to expose the data as of April 23rd.
