Nearly a week ago, social networks and headlines flashed the unthinkable, the government of Costa Rica’s internal systems were hacked by a cyber-criminal gang, demanding $10M in ransom payment. Multiple systems were disrupted as initially reported. According to Infosecurity Magazine, “The gang claims to have stolen 1TB of data in the attack, including 900GB of databases from a tax administration portal and 100GB of internal documents containing personal information which belong to the Ministry of Finance.”
Days later, the same group announced that the website of Peru’s National Directorate of Intelligence, was also hacked, seeking ransom for what the group alleges is sensitive data.
Two trends are clear.
Ransomware is here to stay and continues to get more sophisticated. And government institutions are becoming easy pickings for hackers, as they typically lack the resources or technical expertise and capabilities to defend their critical, digital infrastructure.
While resources and budget are not easy to access and are not infinite, fortunately, there are ways to strengthen security processes and supplement existing solutions to mitigate the threat of ransomware.
Ridge Security is offering free RidgeBot licenses to help Costa Rica recover from this incident.
To help the people and government of Costa Rica, we are offering free licenses of our automated pentesting solution, RidgeBot. RidgeBot delivers vulnerability analysis and risk mitigation to help organizations and victims survive a ransomware attack. Incident responders can rely on RidgeBot to identify and validate exploitable risks among vast volumes of vulnerabilities and have faster response and remediation to the ransomware attacks. The security admin is informed of dangerous, successfully exploited vulnerabilities and shown the exact attack path that allowed that system to be compromised. Security admins can then quickly and proactively close all the vulnerabilities in their infrastructure.
Our software comes pre-configured with a template specifically to combat ransomware attacks and close any window of opportunity to malicious hackers.
We are here to help. Please reach out to firstname.lastname@example.org.