Conti ransomware cripples systems of electricity manager in Costa Rican town

Conti’s wide-ranging ransomware attack on Costa Rica has expanded, taking down the administrative systems of the government agency managing the electricity in Cartago. 

Junta Administrativa del Servicio Eléctrico de Cartago (JASEC), which runs the electricity in the city of about 160,000 people, has released several notices on Facebook explaining that all of its administrative systems were encrypted this weekend.

General manager Luis Solano said in a statement that the attack began on Saturday and encrypted the servers used to manage the organization's website, e-mail, administrative collection systems and more. 

Experts have been hired to determine if customer data was extracted by Conti operators. The ransomware group has cut off the ability of customers to pay for electricity and internet bills. JASEC has suspended all bill paying until the situation is resolved. 

"It is important to emphasize to all our customers that electricity and internet services operate normally,” Solano said.  


The letter sent to customers on Sunday. Image: Facebook

The Conti ransomware group added JASEC to its list of victims on Monday. 

In a speech last week, the country’s outgoing president, Carlos Alvarado Quesada, called the Conti ransomware attack on several government agencies an attempt to “threaten the stability of the country in a transition situation.” The country elected a new president – former World Bank official Rodrigo Chaves – on April 4. 

Quesada added that the country will not pay the ransom, which some have said is $10 million.

Several government agencies – most notably the Finance Ministry – were added to Conti’s list of victims on Tuesday and Wednesday. 

Finance Minister Elian Villegas told Reuters that the group breached the platforms managing customs, which included troves of historical taxpayer information considered “sensitive.” 

One exporter union estimated that $200 million was lost on Wednesday due to the bottlenecks caused by a fourth day of outages related to the disruption of the tax and customs platforms. 

The Finance Ministry warned the country’s residents to be wary of phishing messages asking to create a new set of passwords.

Business leaders told the Associated Press that they were fearful of financial and personal information being stolen, leaked to the press or sent to government officials.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.