Cyble Research Labs noticed an increase in ransomware incidents in the second quarter of 2022, few of these led a deep impact on the victims, like attack against the Costa Rican government which led to the countrywide crisis.
Experts warn of ransomware operations targeting government organizations, finding 48 government organizations across 21 countries that suffered 13 ransomware attacks this year. Researchers at Cyble say that hacking groups have modified their strategies, going from enterprises to small states threatening to destabilize government operations.
Small states become easy targets because of the low levels of critical infrastructure security due to low finances to protect them.
The notorious ransomware group Conti began targeting the Costa Rican government in April 2022. "A similar attack was seen in May 2021, when the gang targeted Ireland’s publicly funded health care system and demanded a ransom of USD20 million.
The timing could be a pure coincidence; however, Conti was seemingly trying the same tactics with Costa Rica, but this time on a larger scale, shortly after a change in government in the country," reads a Cyble post.
After the Costa Rica incident, the Conti ransomware gang also attacked Peru. Other incidents of ransomware attacks were reported in Latin America, which includes Brazil and Peru governmental organizations.
"Cyble Research Labs conducted research over vulnerable instances of the Peruvian government’s cyberinfrastructure and identified 21 instances from 11 ministerial websites with the most exploited CVEs from 2021," says Cyble.
Experts also report sales on underground cybercrime platforms of data extraction from the server of government organizations.
It includes the Federal Court of Malaysia, the Ministry of Energy and Natural Resources, the Department of Management Services under the Malaysian Ministry of Personnel and Organizational Development, the Civil Service Commission of the Republic of Philippines, and the National Bank of Angola.
Experts have highlighted the need for smaller states to strengthen their threat-finding capabilities and to implement quick response mechanisms to cyberattacks.
Cyble says the importance to spend in capacity building to promote skilled manpower, promote awareness among users, and lessen the technology gap to mitigate their risk impact.