US Gives Costa Rica $25M For Eradication Of Conti Ransomware

By   Olivia William
Writer , Information Security Buzz | Mar 30, 2023 04:53 am PST

The US provides $25 million to Costa Rica for the eradication of Conti ransomware. To aid the nation in recovering from a devastating ransomware attack that rendered numerous crucial agencies inoperable last year, the US government is handing the government of Costa Rica $25 million.

In May 2022, the now-defunct Conti ransomware gang seriously damaged the Costa Rican Social Security Fund. As a result, Costa Rica’s newly elected president Rodrigo Chaves announced a state of emergency. The group publicly called for the government’s downfall in messages before requesting a $20 million ransom.

After a direct request from Chaves, a senior White House representative declared on Wednesday that the United States government would contribute $25 million to Costa Rica’s cybersecurity efforts using funding from the State Department. The money is used to safeguard the nation’s vital network infrastructure.

Costa Rica suffered from some of the greatest ransomware attacks any nation had ever seen last spring, which seriously disrupted the nation’s essential services. President Chavez was forced to declare a state of emergency as a result of the disruption to their social security, financial, and telecommunications systems, the official informed reporters on Wednesday. “

At the time, we promptly dispatched a team of American experts to aid in Costa Rica’s recovery. Since then, we’ve collaborated closely with the country and have determined that additional assistance is required.” A central security operations center will be created with the Ministry of Science, Innovation, Technology, and Communications funds, which will seek to stop, identify, and respond to cyberattacks.

Also, the center will organize cybersecurity initiatives among all of Costa Rica’s departments and authorities. A portion of the funds will go toward supporting cybersecurity training, capacity building, strategic and technical planning, and purchasing tools, software, hardware, and licensing.

In the upcoming weeks, Chavez will meet with representatives of the Biden administration to talk about the grant and more comprehensive security measures for digital infrastructure.

Because it publicly backed Russia after it invaded Ukraine, the Conti ransomware organization made the news. The official frequently noted that the decision was part of a bigger effort to support Ukraine in its conflict with Russia when questioned why Costa Rica was being given priority over the numerous other nations that had recently been targeted by ransomware. This move led to internal strife and ultimately led to the group’s demise.

The official stated that the government and President Chavez “think that their strong support for Ukraine and the forceful words may have been a cause in the massive ransomware assaults.” We acknowledge that protecting the security of our allies and partners is crucial in the context of our work to defend our European allies and partners from Russian cyberattacks.

The $25 million would “make such a tremendous difference in terms of the security operation center, helping them acquire facts on the ground, helping them build up the capacity to manage it from this point on their own subsequently,” the official continued.

A country in need has received grants for cybersecurity before. The White House representative also mentioned that Albania received $25 million in February following its own ransomware assault last year, which the Albanian government thinks is the result of Iranian government involvement.

The person mentioned that the FBI’s “US’ core expert incident response team” of ransomware specialists provided initial assistance to both Albania and Costa Rica.

The Cyber National Mission Force (CNMF) sent a team of twenty personnel to Albania as part of a “hunt forward” operation in response to a second hack that occurred in September, they also mentioned.

The Effort To Combat Conti Ransomware

Moreover, Costa Rica has expressed interest in joining the Anti Ransomware Initiative, which was launched in 2021 by the United States and 36 other nations. The official from the White House referred to the program as a “cornerstone” of the Biden administration’s cybersecurity plan and a mechanism for more advanced nations to “raise up so many allies and partners.”

As they called their work “foundational to democracy” and crucial in sustaining “responsible cyber standards that hold bad actors accountable,” they underlined that the cybersecurity efforts were crucial to the US assistance for democracies that now require improved tools to hold secure elections.

The need to grow and include new nations, especially those in the “global South” that required aid, was one crucial aspect of the program that was considered during the group’s meeting in October. According to a White House representative, scores of cyber-poor nations are experiencing waves of ransomware assaults and other types of cybercrime, which has prompted initiative members to offer assistance.

The diplomat stated, “We deliberated adding a co-lead to the diplomacy panel, which is now led by Nigeria and Germany, since we want to bring in that Global South. We thought we could be useful.”

Since October 2022, outreach has been made to the nations we believed would benefit from membership. And as a result, Costa Rica submitted an application.

The National Security Council, the White House, or the State Department did not answer inquiries on what other nations have applied to join the effort. The representative clarified that other nations might oppose it after a government submits an application. If there are no objections, the nation officially joins the project.

The official would not say specifically whether other nations were providing funding. Still, he or she did say that some NATO nations and Asian nations were providing funding as well as technical skills to large-scale cybersecurity initiatives.

“There are nations there that really could use assistance. Our intention was to emphasize that, in addition to having the necessary funds, we also needed a group of NATO nations that could provide certain capabilities, they said, adding that further information about these projects will be shared during a meeting in the Lithuanian capital of Vilnius this summer.

Conclusion

According to a senior administration official, the State Department is donating $25 million to Costa Rica to aid in the country’s recovery from a series of deadly ransomware assaults last year. The additional financing establishes a precedent that, in the event of cyberattacks from foreign adversaries, the Biden administration will deploy assistance to allies. The Costa Rican government believes the attacks last year were related to the nation’s “strong support for Ukraine,” the senior administration official told reporters during a briefing.

The initial attack was attributed to the now-defunct Russian ransomware group Conti, while a second attack, which happened shortly after, was attributed to the Russian gang Hive. The US also gave Albania $50 million to help it recover from the Iranian state-linked ransomware that infected its networks this summer, according to Yuri Kim, the US ambassador to Albania, who made the announcement last month. In the past year, ransomware attacks have targeted Costa Rica’s public health system, finance ministry, Social Security program, and transportation agency, delaying government employee salaries, resident tax filings, and other things.