The US Is Sending Money to Countries Devastated by Cyberattacks

Last spring, the Costa Rican government suffered a series of ransomware attacks that hobbled critical systems around the country. As imports and exports, health care, and other public services were disrupted, Costa Rican president Rodrigo Chaves Robles declared a state of emergency, and the recovery has been a months-long ordeal. Almost a year after the crisis began, a senior White House official told reporters today that the United States plans to provide $25 million in cybersecurity assistance to help Costa Rica strengthen its digital infrastructure. 

The grant will include funding to establish a security operations center within Costa Rica’s Ministry of Science, Innovation, Technology, and Communications. This will expand the country’s ability to systematically improve its critical infrastructure defenses, detect intrusions, and coordinate incident response across the government. The funding will also include cybersecurity training as well as secure equipment, including hardware and licenses for software. 

The senior Biden administration official, who spoke to reporters on the condition that they not me named, is in Costa Rica to meet with Chaves about the aid, which will come from the US State Department. Costa Rica is cohosting the State Department’s 2023 Summit for Democracy this week. 

The official also told reporters that in February the US government provided a similar $25 million grant to Albania in the wake of a destructive attack on that country’s government last summer that has been attributed to Iranian hackers. 

“At the time [of the ransomware attacks], we immediately deployed a team of US experts to assist in Costa Rica’s recovery and have been working closely with the country since then—and have recognized that this further stability, this further assistance is needed,” the US official told reporters.

The official said that the Biden administration has been choosing cybersecurity funding recipients “based on the significance of the attacks that occurred.” Iran’s cyberattack on Albania was noteworthy for its targeting of a NATO member. Meanwhile, Chaves and other members of the Costa Rican government have suggested that the attacks on their networks, which were perpetrated by notorious Russia-based cybercriminal gangs, may have been in response to Costa Rica’s outspoken support of Ukraine.

The attacks on Costa Rica were led by the prolific, now disbanded, cybercriminal gang Conti and its affiliates. The group demanded a $20 million ransom and uploaded hundreds of gigabytes of data stolen in the attacks to its dark-web site. And the group was explicit about its destructive intentions. “We are determined to overthrow the government by means of a cyberattack,” it wrote in a post addressed to Costa Rica and “US terrorists (Biden and his administration).” At the time of the attacks, the US State Department offered rewards totaling $15 million for information about Conti that leads to an arrest.

In recent years, as digital threats have escalated, the US has been focused on launching initiatives to bring the global community together against ransomware and other cybercrime.

“In the current context, we recognize that supporting our allies’ and partners’ security is important,” the senior official said today, citing collaboration with European allies, Russian cyberattacks, and “broader competition with China” as the general geopolitical backdrop for the move.