Costa Rica’s state-owned energy provider, RECOPE, faced a ransomware attack last week, leading to a major disruption in operations. The attack forced the company to switch to manual processes and seek assistance from cybersecurity experts from the United States.
The incident, which was discovered on Wednesday morning, paralyzed RECOPE’s digital systems used for payment processing, necessitating the manual handling of fuel sales. Operations at tanker terminals were stretched late into the night and expanded the following day to ensure continuity in fuel supply across the country.
Despite the challenges posed by the ransomware attack, RECOPE assured the public that there were no shortages of fuel and that the organization had ample inventories to meet demand. The company worked closely with Costa Rica’s Ministry of Science, Innovation, Technology, and Telecommunications (MICITT) to address the situation promptly.
Karla Montero, President of RECOPE, acknowledged the increased demand for fuel due to concerns about potential shortages following the cyber incident. She mentioned that cybersecurity experts from the U.S. had arrived to assist in gradually restoring some systems, but emphasized the importance of continuing manual operations until the safety of processes could be fully guaranteed.
In parallel, MICITT issued statements to reassure the public that there had been no impact on the fuel supply in the country and debunk rumors of additional cyberattacks on national institutions. The government of Costa Rica had previously experienced multiple ransomware attacks, prompting President Rodrigo Chaves to declare a state of emergency to address the widespread disruptions in critical services.
The Conti ransomware gang was behind the attacks that targeted various government systems in Costa Rica, including the tax system, Ministry of Transport, customs services, electricity, healthcare facilities, and more. In response to the escalating cyber threats, the United States provided $25 million to enhance Costa Rica’s cyber defenses and invited the country to participate in the Counter-Ransomware Initiative led by the Biden administration.
Reflecting on the severity of the situation, President Chaves highlighted the significance of addressing cybersecurity threats to safeguard the functioning of the state. The collaboration between Costa Rica and the United States in combating ransomware attacks underscores the global impact of cyber incidents on critical infrastructure and the need for collective defense mechanisms.
As RECOPE continues to recover from the ransomware attack, efforts are underway to fortify cybersecurity measures and restore normal operations. The resilience demonstrated by the organization in managing the crisis reflects the importance of proactive cybersecurity strategies in safeguarding vital services and infrastructure against evolving threats in the digital landscape.