ArchiveOODA OriginalSecurity and Resiliency

Costa Rica in a State of Emergency: Is Conti Gang Cyber Attack a “Sphere of Influence” Shot Across the Bow?

When it comes to the current cyberwar, from the emergence of “protestware (aka sabotaging open-source code as a form of hacktivism) or a series of unique Joint CSAs (such as the recent Joint Cybersecurity Advisory, such as the recent Five Eyes Joint CSA on the Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure), we have tried to capture in the pages of OODA Loop what one OODA Network member characterized in our recent monthly meeting as “a tremendous amount of free fire activity from a variety of uncontrolled, unilateral, private actors”:

“At any moment, any one of these could pop and be the next headline crisis that you all may have to deal with – because if it’s adjacent to your sector and it hits something inside Russia, they may decide to conduct symmetric retaliation. There is also no guarantee that it will stay symmetric. There’s a very strong likelihood that they will be an interest-based targeting more than simple reciprocity – where the adversary has become attuned to what is driving Western policy concerns in a way that we have not seen before – and that includes the use of proxy actors within the ransomware continuum criminal enterprise.”

It is the not the first time an OODA Loop member was remarkably prescient in their characterization of current geopolitical or strategic risk awareness.  In light of these recent events, we turn now to a very recent incident of interest-based targeting which may be a cyber “shot across the bow” in the Western Hemisphere directed at the U.S. in the larger geopolitical strategic cyberwar.

Timeline of the Attack and Response

Since yesterday, on the day when a new president took the helm in Costa Rica, a state of emergency was declared in the country based on the impact of a cyber-attack by the Russia-affiliated Conti Ransomware Gang.

Following is what the journalist trade calls a “tic-toc” of the incident – with a formative analysis of mitigation efforts and impacts of the attack and ongoing impact of the state of emergency.

To continue reading please consider joining as either a subscriber or full member to support our continued research and analysis. For more on benefits of membership see below.

Want more insight? Log in for the full report

Already a member?  Sign in to your account.

Become A Member

OODA Loop provides actionable intelligence, analysis, and insight on global security, technology, and business issues. Our members are global leaders, technologists, and intelligence and security professionals looking to inform their decision making process to understand and navigate global risks and opportunities.

You can chose to be an OODA Loop Subscriber or an OODA Network Member. Subscribers get access to all site content, while Members get all site content plus additional Member benefits such as participation in our Monthly meetings, exclusive OODA Unlocked Discounts, discounted training and conference attendance, job opportunities, our Weekly Research Report, and other great benefits. Join Here.

Related Reading:

Explore OODA Research and Analysis

Use OODA Loop to improve your decision making in any competitive endeavor. Explore OODA Loop

Decision Intelligence

The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Stratigames, Business Intelligence and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence

Disruptive/Exponential Technology

We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, Space Technology. Explore Disruptive/Exponential Tech

Security and Resiliency

Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation state conflict, non-nation state conflict, global health, international crime, supply chain and terrorism. Explore Security and Resiliency


The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member only video library. Explore The OODA Community

Daniel Pereira

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.