Jack Rhysider
Hmm. Sorry, I had a bad connection with Omar when we were talking. So let me repeat that for you. Omar worked in the CSIRT for the Dominican Republic. CSIRT is an acronym which stands for Cyber Security Incident Response Team. And this CSIRT unit falls under the Department of Defense in the Dominican Republic. So when cyber attacks threaten national security, Omar was there to review it.
But what's more is the Dominican Republic CSIRT is part of a community of other incident response teams within Latin America.
What he saw was that 20 different government organizations in Costa Rica were hit with this Conti ransomware. This was a very widespread problem within their government, so it's no wonder they were reaching out for help anywhere they could. Many parts of the Costa Rican government came to a halt, and they were frantic over there.
But this gave Omar the ability to research and understand this Conti ransomware better.
Wow, that's really remarkable. See, when I hear that 20 departments were hit, I immediately think that there must be some central connection that allowed the malware to spread internally. You know, like if you can get in through the front door, now you can take a tunnel to all the other buildings or something.
But no, what Omar saw was that each of these 20 departments were infected separately, some of which were infected through phishing emails and some from malware put right on systems that were connected to the Internet. But just because the malware got inside each of these places, it didn't actually turn on until the right time.
It was coordinated that when enough systems got infected, it would trigger the ransomware to lock all the computers at once and demand payment to unlock them. Now, the motive behind putting ransomware on systems like this is typically just to make money. I believe they were asking for $20 million to unlock Costa Rica's systems. So whoever did this seemed to be there only for financial gain.
Costa Rica got their systems fixed up, and I don't think they paid the ransom. They had backups and restored, but Omar saw how this malware operated and worked. And he saw the methods they used to get in, and took this new knowledge to scan the Dominican Republic's national computer infrastructure to see if anything matched what was on Costa Rica's systems.
After all, the malware seemed to be present in Costa Rica's network for a while before it actually executed. So he looked through computer after computer and scanned lots of systems looking for things that matched what he saw in Costa Rica. He didn't find anything, actually, which seemed like the Conti ransomware gang wasn't targeting the Dominican Republic, which was good.
But then, while looking for malware in the network, he noticed something. Someone had defaced a Dominican Republic government's website. They found a vulnerability on the web server and changed the pictures and text to something else. So he zoomed into this to investigate.