At a glance.
- Conti attacks lead Costa Rican President to declare state of emergency.
- US election security team reconvenes for midterms.
- SHIELDS UP, explained.
- Spanish government replaces CNI director over surveillance scandal.
Conti attacks lead Costa Rican President to declare state of emergency.
The government of Costa Rica has declared a state of national emergency as a result of Conti ransomware attacks that targeted several government bodies last month. Newly elected President Rodrigo Chaves stated on Sunday, "The attack that Costa Rica is suffering from cybercriminals, cyberterrorists is declared a national emergency and we are signing this decree, precisely, to declare a state of national emergency in the entire public sector of the Costa Rican State and allow our society to respond to these attacks as criminal acts.” Bleeping Computer notes that as of yesterday, Conti claims to have leaked 97% of the 672 GB of data allegedly stolen from Costa Rican government bodies. The Treasury Department’s digital services have been down since April 18, disrupting government procedures that impact the country’s entire production sector. The Administrative Board of the Electrical Service of the province of Cartago, the Ministry of Science, Innovation, Technology, and Telecommunications, the National Meteorological Institute, Radiographic Costarricense (Racsa), and the Costa Rican Social Security Fund are among the other impacted government entities. Conti previously requested a $10 million ransom, which the government reportedly refused to pay, and Conti threat actor "UNC1756" has threatened the government with future attacks of "a more serious form."
US election security team reconvenes for midterms.
Amidst concerns that foreign influences (in other words, Russia) could attempt to meddle with the upcoming midterm elections, the US has reassembled its election security team, Data Center Knowledge reports. “We’re less than 200 days before our nation goes to vote for midterm elections, and I assure you that we are ready and we will be ready going forward,” General Paul Nakasone, who leads the National Security Agency (NSA) and U.S. Cyber Command (CYBERCOM), said at a recent summit on modern conflict. The team, which was first convened to defend the 2018 midterms from Russian meddling, is composed of military and civil personnel from NSA and CYBERCOM, who will collaborate with the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency (CISA), and National Guard. They will be jointly led by Brigadier General Victor Macias and NSA senior executive Anna Horrigan. Major General William J. Hartman, who leads the national cyber mission force responsible for defending against foreign threats, said US sanctions against Russia for the war in Ukraine will likely lead Russia to retaliate by attempting to influence the elections. “I expect that there will be a fair amount of domestically generated information that the Russians will freely amplify,” General Hartman stated.
SHIELDS UP, explained.
The Hacker News offers a breakdown of SHIELDS UP, CISA’s guidance to US organizations on protecting their systems in the midst of increased cyberagression from Russia as a result of the war in Ukraine. With more than twenty instructions in total, SHIELDS UP might appear to be a lot to digest, but many of the recommendations, like limiting user privileges and patching known vulnerabilities, are common sense practices that most organizations should already have in place. For organizations who have discovered gaps in their security protocols, it is recommended that they collaborate with an external security partner. Live, automated patching tools can also go a long way in ensuring that organizations stay current on any security updates.
In the midst of surveillance scandal, Spanish government replaces CNI director.
Following the discovery that Pegasus spyware was placed on the phones of Spanish politicians and activists, including the Prime Minister and many Catalan separatists, the Washington Post reports that Spain has fired the director of National Intelligence Center (CNI), Paz Esteban. As the country’s top intelligence agency, CNI has been under fire for its role in the surveillance of the separatists and for taking a year to discover the hacking of the government officials’ devices. Defense Minister Margarita Robles, whose phone was also found to be infected by Pegasus, announced Esteban’s dismissal. “That (the hacks of government phones) took a year to discover, well, it is clear there are things that we need to improve,” Robles stated. Esteban will be replaced by Esperanza Casteleiro, a 40-year veteran at the agency who has served as secretary of defense since 2020. Popular Party President Alberto Nuñez Feijóo, the leader of Spain’s opposition conservatives, said he is less than pleased with Esteban’s removal, feeling that she was sacrificed to appease the separatist movement. “It is a monstrosity that Sánchez offers the head of the CNI director to the separatists, once again weakening the state to assure his survival,” Feijóo tweeted.