President Rodrigo Chaves Robles ordered an investigation of the Technology Directorate of the Costa Rican Social Security Fund. Chaves also requested that those responsible be sanctioned if it is proven they were negligent or irresponsible after the cyber-attack.
The Governing Council met today and, after reviewing the report the situation of the Fund, the Council described it as “serious and severe.”
“I have asked the Executive President to act immediately and in accordance with the emergency decree signed by the Government, to investigate and sanction those responsible for the Technology Department of the Fund who are proven to have acted negligently or irresponsibly,” mentioned Chaves.
“In the Social Security Fund, even though licenses were available, only 13 computers had this program installed. This is unacceptable. I am not going to judge beforehand, but there is a very clear order from Álvaro Ramos and myself to investigate this to the very bottom and to take the corresponding sanctions with the full force of the law”, he added.
The investigation requested by Rodrigo Chaves, will be used to determine the responsibilities and hold accountable those who failed in their duty to protect the country.
“In the case of the Fund, I think there is an aggravating factor because the country was under attack and we have to determine whether or not there was negligence. If there is sufficient cause, we will act,” further explained President Chaves.
The Social Security Fund rendered a report, in which they mentioned that out of over 1500 computers, 30 were affected by the cyberattack. An update will be given to the Council, once new data and information are discovered.
The Director of Information and Communication Technologies, Roberto Blanco Topping, said they received the first reports at 2 a.m. on May 31 from the San Vicente de Paúl Hospital, in Heredia. Then followed the Enrique Baltodano Hospital, in Liberia and soon after the rest of the hospitals in the Greater Metropolitan Area.
The Fund’s authorities have insisted since Tuesday that the hacking attempt failed to penetrate the databases because of the rapid institutional response.
Alvaro Ramos, Executive President, described the cyberattack as “violent.” He also informed que no se logró robar información de EDUS y el Sistema Centralizado de Recaudación (Sicere), which are platforms where payrolls of over one million workers throughout the country are stored.