US Aids Costa Rican Post-Hack Push for Robust SOC, Secure 5G – Source: www.govinfosecurity.com

Fraud Management & Cybercrime
,
Security Operations
,
Security Operations Center (SOC)

US Funds for Regional SOC, Use of Trusted 5G Providers Follows Big 2022 Cyberattack

Michael Novinson (MichaelNovinson) •
August 30, 2023    

Costa Rica will build a national cybersecurity operations center with substantial U.S. financial backing following a crippling cyberattack last year while also committing to using only trusted 5G providers.

See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense

The U.S. State Department extended $25 million to help Costa Rica build a near-term virtual security operations center and, in the long-run, a brick-and-mortar SOC that will in time support other Central American nations, said Deputy National Security Advisor Anne Neuberger. The U.S. Defense Department will put forward $10 million to build a SOC for Costa Rica’s Ministry of Public Security.

“Decades of negligence in protecting our information, our tax systems and our computer systems have to come to an end,” Costa Rican President Rodrigo Chavez said Wednesday during a panel at the Center for Strategic and International Studies. “This money will help us very much to do that.” Chavez is in Washington after meeting Tuesday with U.S. President Joe Biden in the White House.

The U.S. Export-Import Bank will extend up to $300 million of financing to help Costa Rican transition to 5G using exclusively trusted providers to ensure the security of the nation’s core digital infrastructure isn’t jeopardized, Neuberger said. Costa Rica’s state-owned telecom company as well as private 5G providers will be required to purchase all 5G equipment and technology from trusted entities, Chavez said.

“The price differences are huge if you were willing to take the risk,” Chavez said. “We’re looking at American companies and European companies and telling them, ‘Your connectivity with headquarters and with your clients is going to be fast, reliable, affordable and, above all, secure.'”

Conti Cripples Costa Rica in 2022 Cyberattack

Costa Rica’s security investments come a year after the Central American country suffered a massive cyberattack that coincided with Chavez’s May 2022 presidential inauguration. Shortly after Chavez as president-elect denounced Russia’s invasion of Ukraine as “illegal, unacceptable and criminal,” Costa Rica experienced a cyberattack that affected “the backbone of the functioning of the state” (see: Conti’s Legacy: What’s Become of Ransomware’s Most Wanted?).

The cyberattack walloped everything from Costa Rica’s tax system, customs system and electricity to the nation’s meteorological services, Ministry of Transport, social security and health system, Chavez said. By working with the United States and Spain, Costa Rica determined the attack originated from the Russia-based Conti ransomware group, who began demanding extortion payments. Chavez decided Costa Rica wouldn’t pay out.

“It was ugly,” Chavez said. “The effects were very significant. Millions of dollars and thousands of medical appointments were lost. But here we are.”

Neuberger said President Joe Biden was “deeply concerned” about the timing of the cyberattack as well as the extent of its impact on critical services, medical appointments and travel within the nation. At the request of the Costa Rican government, the FBI had a team on the ground within 24 hours, which worked closely with local cyber personnel to facilitate a quick recovery (see: Inside President Biden’s ‘Relentless’ Cybersecurity Focus)

Earlier this year, Costa Rica additionally experienced a cyberattack against the nation’s children’s hospital, on the very day it signed an agreement to use only trusted providers in its 5G tender and auctions.

“We say in Costa Rica, ‘Think suspiciously, and you’re likely to be right,'” Chavez said. “But we will stay the course. It has been done. There’s no way back.”

Costa Rica’s Path to Regional Security Leadership

Neuberger said Costa Rica’s in-person Security Operations Center will take on regional duties including teaching individuals from neighboring countries how to maintain a network, spot intrusions, and how to quickly respond effectively. Other countries in Latin America might be less mature from a cyber standpoint have much to learn from Costa Rica and the U.S., Neuberger said.

“In the arena of cybersecurity, there’s the credibility of having lived through a difficult experience, managed and responded quickly,” Neuberger said. “And I think that credibility positions Costa Rica to be a regional leader.”

Costa Rica’s investments in security will complement commitments the country has made to democracy, minority rights and freedom of the press to make the nation a global leader, according to Chavez. He said “impeccable administration” is essential to credibility on the international stage since other nations are loathe to take advice from a country that can’t keep its own affairs in order.

“If you cannot provide a safe environment for your data and your information, you can’t claim you’re trying to change the world and improve people’s lives,” Chavez said. “That comes as a necessary condition.”