The CyberPeace Institute is committed to working to end cyberattacks against the healthcare sector and calls for collective action to stop such attacks.
A ransomware attack against the Costa Rican public health service has forced the shutdown of the digital records system of 1,200 hospitals and clinics which impacts patient care for people across the country. This ransomware attack shows a shocking disregard for lives and patient care, and is strongly condemned.
Cyberattacks against the health care sector must stop. Holding health care services and facilities to ransom is a heinous act. Targeting medical records and digital record keeping is an attack on people, and demonstrates a cynicism and disregard for people’s lives. There is no justification.
The healthcare sector must be able to function free from cyberattack, and the CyberPeace Institute is committed to collective action to protect this critical sector.
Background: A ransomware attack allegedly by the Hive ransomware operator against the Costa Rican public health service forced the shutdown of the digital record-keeping system of 1,200 hospitals and clinics. The attack follows a ransomware attack by the Conti Group on multiple Costa Rican government departments, following which Costa Rica declared a national emergency. In their messaging, Conti called for the overthrow of the Costa Rican government. This is an explicit action by a group using criminal means to serve a geopolitical agenda, which is an extremely worrying trend. The Conti Group has taken this action after its previous statements regarding support for Russia further to the invasion of Ukraine.