Last spring, The Costa Rican government suffered a series of ransomware attacks that crippled critical systems across the country. As imports and exports, health care and other public services were disrupted, Costa Rican President Rodrigo Chaves Robles declared a state of emergency, and recovery was a months-long struggle. Nearly a year after the crisis began, a senior White House official told reporters today that the United States plans to provide $25 million in cybersecurity aid to help Costa Rica strengthen its digital infrastructure.
The grant will include funds to establish a security operations center within the Costa Rican Ministry of Science, Innovation, Technology and Communications. This will expand the country’s ability to systematically improve the defense of its critical infrastructure, detect intrusions and coordinate incident response across government. Funding will also include cybersecurity training, as well as secure equipment, including hardware and software licenses.
A senior Biden administration official, who spoke to reporters on condition of anonymity, is currently in Costa Rica to meet with Chavez about the aid, which will come from the US State Department. Costa Rica is co-hosting the US State Department’s 2023 Democracy Summit this week.
The official also told reporters that in February the United States government provided a similar $25 million grant to Albania following a destructive attack on the country’s government last summer that was attributed to Iranian hackers.
“In that time [of the ransomware attacks]”We immediately deployed a team of American experts to help with Costa Rica’s recovery, and we’ve been working closely with the country ever since — and we recognized that this further stability, this further assistance, was needed,” the US official told reporters.
The official said the Biden administration selected recipients of cybersecurity funding “based on the significance of the attacks that occurred.” Iran’s cyber attack on Albania was notable for targeting a NATO member. Meanwhile, Chaves and other members of the Costa Rican government suggest that the attacks on their networks, perpetrated by notorious Russian cyber crime gangs, may be a response to Costa Rica’s open support for Ukraine.
The attacks in Costa Rica were led by the prolific, now disbanded, cybercriminal gang Conti and its affiliates. The group demanded a $20 million ransom and posted hundreds of gigabytes of data stolen in the attacks on its dark web. And the group was explicit in its destructive intentions. “We are determined to overthrow the government through a cyberattack,” the post addressed Costa Rica and “American terrorists (Biden and his administration).” At the time of the raid, the US State Department was offering rewards totaling $15 million for information about Conti leading to his arrest.
In recent years, as digital threats have escalated, the US has been focused on launching initiatives to rally the global community against ransomware and other cybercrime.
“In the current context, we recognize that supporting the security of our allies and partners is important,” a senior official said today, citing cooperation with European allies, Russian cyberattacks and “broader competition with China” as the general geopolitical backdrop for the move.
