Last Spring, the Costa Rican government experienced a series of ransomware attacks that paralyzed critical systems across the country. Imports, exports, healthcare, and other public services were disrupted, prompting Costa Rican President Rodrigo Chaves Robles to declare a state of emergency. The recovery process lasted for several months. Almost a year after the crisis began, a senior White House official recently announced that the United States plans to provide $25 million in cybersecurity assistance to help Costa Rica bolster its digital infrastructure.
The grant will fund the establishment of a security operations center within the Costa Rican Ministry of Science, Innovation, Technology, and Communications. This center will enable the country to systematically improve its critical infrastructure defenses, detect intrusions, and coordinate incident response across the government. The funding will also cover cybersecurity training and secure equipment, including hardware and software licenses.
The senior Biden administration official, who spoke with reporters on the condition of anonymity, is in Costa Rica to meet with Chaves about the aid, which will come from the US State Department. Costa Rica is co-hosting the State Department’s 2023 Summit for Democracy this week.
The official also mentioned that the US government had provided a similar $25 million grant to Albania in February following a devastating attack on that country’s government last summer, believed to be the work of Iranian hackers.
“We immediately deployed a team of US experts to assist in Costa Rica’s recovery at the time of the ransomware attacks and have been working closely with the country ever since,” the US official told reporters. “We have recognized that this further stability, this further assistance, is needed.”
The Biden administration has been selecting cybersecurity funding recipients “based on the significance of the attacks that occurred,” according to the official. Iran’s cyberattack on Albania was noteworthy for its targeting of a NATO member. Meanwhile, Chaves and other members of the Costa Rican government have suggested that the attacks on their networks, which were conducted by notorious Russia-based cybercriminal gangs, might have been in retaliation for Costa Rica’s outspoken support of Ukraine.
The attacks on Costa Rica were carried out by the prolific, now disbanded, cybercriminal gang Conti and its affiliates. The group demanded a $20 million ransom and uploaded hundreds of gigabytes of stolen data from the attacks to its dark-web site. The group was explicit about its destructive intentions, stating in a post addressed to Costa Rica and “US terrorists (Biden and his administration)” that they were determined to overthrow the government via a cyberattack. At the time of the attacks, the US State Department offered rewards totaling $15 million for information about Conti that leads to an arrest.
As digital threats have escalated in recent years, the US has focused on launching initiatives to unite the global community against ransomware and other cybercrime. “In the current context, we recognize that supporting our allies’ and partners’ security is important,” the senior official said today, citing collaboration with European allies, Russian cyberattacks, and “broader competition with China” as the general geopolitical backdrop for the move.
