Cyber Incident Victim: Ministerio de Obras Públicas y Transportes
Date:
Jan 2023
Location:
Costa Rica
Summary
A ransomware attack compromised approximately twelve servers at the Ministerio de Obras Públicas y Transportes, leading to preventive suspensions of some systems. Authorities confirmed no critical services were disrupted and activated protocols to maintain operations while minimizing user impact. The incident, communicated publicly after delays, marked the first government cyberattack of the year following a series of similar breaches targeting Costa Rican institutions in the previous period, including high-impact incidents at the finance ministry and social security agency.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 17, 2023, the Ministerio de Obras Públicas y Transportes (MOPT) of Costa Rica experienced a ransomware attack compromising approximately twelve servers. The intrusion began in the early hours of that Tuesday, though authorities did not publicly acknowledge the incident until late in the day. Attackers employed ransomware—a method involving data encryption and extortion—to seize control of the systems. The Ministry of Science and Technology formally confirmed the breach via an official statement, characterizing it as a targeted cybercrime operation. As a containment measure, MOPT proactively suspended access to certain affected systems to prevent further propagation. Initial assessments indicated no disruption to critical public services despite the operational interruptions.
Authorities activated emergency protocols to maintain essential MOPT functions and minimize user impacts during the recovery process. The delayed public notification followed internal response procedures, including forensic analysis and system isolation. This incident marked the first confirmed cyberattack against a Costa Rican government institution in 2023, following a series of high-profile breaches in 2022 that affected entities including the Ministry of Finance and the Social Security Fund. No data theft or secondary compromises were disclosed in initial reports. The preventive suspension of non-critical systems remained the primary documented operational consequence while restoration efforts continued.