Fraud Management & Cybercrime , Security Operations , Security Operations Center (SOC)

US Aids Costa Rican Post-Hack Push for Robust SOC, Secure 5G

US Funds for Regional SOC, Use of Trusted 5G Providers Follow Big 2022 Cyberattack
US Aids Costa Rican Post-Hack Push for Robust SOC, Secure 5G
Costa Rican President Rodrigo Chaves Robles meets with U.S. President Joe Biden on Aug. 29, 2023 (Image: The White House)

Costa Rica will build a national cybersecurity operations center with substantial U.S. financial backing following a crippling cyberattack last year and will also commit to using only trusted 5G providers.

See Also: OnDemand Discussion | Hut, Hut! Attention! Red Team? No. Blue Team? No. Purple Team, You're up - Incident Response Time

The U.S. Department of State has extended $25 million to help Costa Rica build a near-term virtual security operations center and, in the long-run, a brick-and-mortar SOC that will in time support other Central American nations, said Deputy National Security Advisor Anne Neuberger. The U.S. Department of Defense will put forward $10 million to build a SOC for Costa Rica's Ministry of Public Security.

"Decades of negligence in protecting our information, our tax systems and our computer systems have to come to an end," Costa Rican President Rodrigo Chaves Robles said Wednesday during a panel discussion at the Center for Strategic and International Studies. "This money will help us very much to do that." Chaves is in Washington after meeting Tuesday with U.S. President Joe Biden in the White House.

The U.S. Export-Import Bank will extend up to $300 million of financing to help Costa Rican transition to 5G using exclusively trusted providers to ensure the security of the nation's core digital infrastructure isn't jeopardized, Neuberger said. Costa Rica's state-owned telecom company as well as private 5G providers will be required to purchase all 5G equipment and technology from trusted entities, Chaves said.

"The price differences are huge if you were willing to take the risk," Chaves said. "We're looking at American companies and European companies and telling them, 'Your connectivity with headquarters and with your clients is going to be fast, reliable, affordable and, above all, secure.'"

Conti Cripples Costa Rica in 2022 Cyberattack

Costa Rica's security investments come a year after the Central American country suffered a massive cyberattack that coincided with Chaves' May 2022 presidential inauguration. Shortly after Chaves as president-elect denounced Russia's invasion of Ukraine as "illegal, unacceptable and criminal," Costa Rica experienced a cyberattack that affected "the backbone of the functioning of the state" (see: Conti's Legacy: What's Become of Ransomware's Most Wanted?).

The cyberattack walloped everything from Costa Rica's tax system, customs system and electricity to the nation's meteorological services, Ministry of Transport, social security and health system, Chaves said. By working with the United States and Spain, Costa Rica determined the attack had originated from the Russia-based Conti ransomware group, which began to demand extortion payments. Chaves decided Costa Rica wouldn't pay out.

"It was ugly," Chaves said. "The effects were very significant. Millions of dollars and thousands of medical appointments were lost. But here we are."

Neuberger said Biden was "deeply concerned" about the timing of the cyberattack as well as the extent of its impact on critical services, medical appointments and travel within the nation. At the request of the Costa Rican government, the FBI had a team on the ground within 24 hours, and the team worked closely with local cyber personnel to facilitate a quick recovery (see: Inside President Biden's 'Relentless' Cybersecurity Focus)

Earlier this year, Costa Rica experienced a cyberattack against the nation's children's hospital, on the very day it had signed an agreement to use only trusted providers in its 5G tender and auctions.

"We say in Costa Rica, 'Think suspiciously, and you're likely to be right,'" Chaves said. "But we will stay the course. It has been done. There's no way back."

Costa Rica's Path to Regional Security Leadership

Neuberger said Costa Rica's in-person Security Operations Center will take on regional duties including teaching individuals from neighboring countries how to maintain a network, spot intrusions and quickly respond effectively. Other countries in Latin America that might be less mature from a cyber standpoint have much to learn from Costa Rica and the U.S., Neuberger said.

"In the arena of cybersecurity, there's the credibility of having lived through a difficult experience, managed and responded quickly," Neuberger said, "and I think that credibility positions Costa Rica to be a regional leader."

Costa Rica's investments in security will complement commitments the country has made to democracy, minority rights and freedom of the press to make the nation a global leader, according to Chaves. He said "impeccable administration" is essential to credibility on the international stage since other nations are loathe to take advice from a country that can't keep its own affairs in order.

"If you cannot provide a safe environment for your data and your information, you can't claim you're trying to change the world and improve people's lives," Chaves said. "That comes as a necessary condition."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.