Costa Rica Declares National Emergency in Response to Ransomware Attack

September 30, 2022


For the last two months (April/May 2022) Costa Rica has been under siege. Two major ransomware attacks have crippled many of the country’s essential services, plunging the government into chaos as it scrambles to respond. Officials say that international trade ground to a halt as the ransomware took hold and more than 30,000 medical appointments have been rescheduled, while tax payments have also been disrupted. Millions have been lost due to the attacks, and staff at affected organizations have turned to pen and paper to get things done.

Impact: 8 Major Gov. Agencies and services shutdown (30+ hit in total). National State of Emergency declared by President. Can't collect taxes, delays processing imports/exports, 10k+ public employees can't be paid. Medical attention and surgeries delayed or halted due to attack on Public Health (CCSS), container freight shipments slowed to a trickle at the port of Limón

Conti claimed responsibility for the first attack against Costa Rica’s government and is believed to have some links to the ransomware-as-a-service operation HIVE, which was responsible for the second attack impacting the health care system.

Incident Date

April 11, 2022


Costa Rica

Estimated Cost

Major Government services attack: reportedly millions.


Type of Malware

Threat Source

No threat source identified