This Week in Cyber: May 16th - May 20th - Digital Security by Design

This Week in Cyber: May 16th – May 20th

On Monday, the 16th of May, the recently appointed President Rodrigo Chaves of Costa Rica, made a statement to the press, rallying support from international allies as he claimed they are “at war”. Against what? you might ask. Well, against the ransomware group, Conti.

He went on to explain that at least 27 government agencies, including the Ministry of Finance, state-run utilities and municipalities, were targeted. As a result, the government has been struggling to collect taxes, and the country is facing delays in foreign trade activity. The group had also hiked its ransom demand from what was US$10 million originally, to US$20 million. They have gone so far as to threaten to “overthrow the government by means of a cyberattack”.

It has not just been Costa Rica that has been under fire either. Chainalysis recently published its 2022 Crypto Crime Report revealing Conti to be the biggest ransomware strain by revenue in 2021. Indeed, they had accumulated at least US$180 million from victims that year alone. Just this week, the US manufacturing conglomerate, Parker, announced that it had suffered a data breach at the hands of Conti; exposing the personally identifiable information (PII) of its employees.

So, with all the success they appeared to be having, it came as a great surprise to hear that the gang had officially shut down its operations and taken its infrastructure offline. According to Yelisey Boguslavskiy, researcher at Advanced Intel, though Conti News data leak and ransom negotiation websites remained online, internal panels and hosts are now offline. It has been suggested that their ‘war’ with Costa Rica was simply an attempt at charades, as members dispersed into smaller groups such as BlackCat, Hive, BlackBasta etc. in order to ‘rebrand’.

Whatever the case, whether as a larger operation or disbanded into small coalitions, ransomware actors will frequently leverage the same threat vectors, including the exploitation of vulnerabilities. According to Ivanti’s Ransomware End of Year Spotlight report, 65 new vulnerabilities were identified in 2021 that are known to have been exploited by ransomware gangs. They highlighted that this was an increase of 29% year-over-year, proving once again the important work being conducted by UKRI’s Digital Security By Design Programme to build security into technology from the start and limit the impact of vulnerabilities.

You can find out more about the Industrial Strategy Challenge Fund here

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

This Week in Cyber: May 16th – May 20th

Related links

Related news articles

This Week in Cyber: Nov 29th – Dec 3rd 2021

This Week in Cyber: Nov 22nd – 26th 2021

This Week in Cyber: Nov 15th – 19th 2021

Sign up to the newsletter