Page 149 - Cyber Defense eMagazine January 2024
P. 149

Over an 18-month period, Conti accumulated over $180 million in payouts, leading the US Department
            of  State  to  offer  a  $15  million  reward  for  information  leading  to  the  identification  or  conviction  of  its
            members.

            Notably, Conti was responsible for the state of national emergency declared by Costa Rica in 2022, after
            that country refused to pay a $10 million ransom and suffered a 672GB leak of sensitive data from various
            Costa Rican government agencies. Costa Rica’s then newly-elected president, Rodrigo Chaves, declared
            the country “at war” with cybercriminals.

            Similarly, Conti hacked Peru’s premier intelligence agency, which is responsible for national, military and
            police  intelligence,  as  well  as  counterintelligence.  They  succeeded  in  exfiltrating  9.1GB  of  sensitive
            intelligence data.

            The group apparently disbanded  after a crackdown precipitated  by their public support for the Russian
            invasion  of  Ukraine.  Yet  the  bar  they  set  for  sheer  audacity  and  efficacy  in  their  attacks  against
            government targets remains high.



            Most Recent Ransom-War Targets

            In recent months, other ransomware hacking groups seem to be targeting government entities worldwide
            with increasing frequency. Most notably:

               •  In July 2023, the city of Hayward, California declared a state of emergency,  after a ransomware
                   attack breached the city's computer systems and networks.

               •  Also  in July,  Barts Health  NHS Trust  – an  entity within  the  UK’s  national  healthcare  system  –
                   suffered a ransomware attack, potentially leaving data from 2.5 million people at risk.


               •  In February 2023, the city of Oakland, California was hit by a ransomware attack, forcing it to take
                   all systems offline.

               •  That  same  month,  the  U.S.  Marshals  Service  –  a  federal  government  agency  -  suffered  a
                   ransomware attack that exposed sensitive law enforcement information.


               •  In January of 2023, also in the UK, a ransomware attack shut down the Royal Mail, the country’s
                   largest mail delivery service.

               •  Also  in  January,  a  ransomware  attack  on  San  Francicso’s  Bay  Area  Rapid  Transit  Authority
                   (BART) led to the release of sensitive files after the authority refused to pay the ransom.








            Cyber Defense eMagazine – January 2024 Edition                                                                                                                                                                                                          149
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   144   145   146   147   148   149   150   151   152   153   154