The Associated Press
reports that the Hive ransomware gang
was able to compromise at least 30 of the Costa Rican Social Security agency's servers, prompting a systems shutdown at the country's public health agency.
Costa Rica promptly took down its health agency's systems to prevent further compromise, similar to what has happened in earlier attacks against the country by the Conti ransomware group. Hive had demanded $5 million worth of Bitcoin as payment for systems decryption. While the attack did not impact payroll and pension, the intrusion has hindered the country from updating its COVID-19 case counts.
Meanwhile, Emsisoft's Brett Callow noted that the latest attack against Costa Rica indicates a working relationship between Hive and Conti, which traditionally performed separately from each other.
“At a minimum, it would seem that somebody who works with Conti is also working with Hive. Conti likely partnered with other ransomware operations because its been increasingly challenging for them to collect payments since declaring their support for Russia and threatening attacks on U.S. critical infrastructure," said Callow.