The White House is sending millions to countries hit by major cyberattacks
The White House is giving millions to governments whose countries were hit with devastating malware (opens in new tab) attacks.
After giving $25 million to Albania in September 2022, the Biden administration has now decided to give the same amount to Costa Rica, with the money supposed to help these countries tighten up their cybersecurity posture.
“It will support the government of Costa Rica’s work to secure its networks and defend its critical infrastructure,” the official said. “It really reflects the president’s broader efforts to help partners efforts to build secure, open and reliable digital infrastructure around the world.”
Direct request
Costa Rica President Rodrigo Chaves sent a “direct request” for financial aid, to US President Joe Biden, after being hit by the Conti ransomware in 2022.
The attack saw operators strike the country’s critical infrastructure, bringing almost the entire government to a screeching halt, with tax collection systems affected, as well as medical appointments as Conti made away with more than 670GB of sensitive data.
The US government announced a $10 million bounty for any information leading to the identification or location of Conti’s leadership, with an additional $5 million to anyone whose help would lead to the arrest and/or conviction of anyone trying to take part in a Conti ransomware attack.
It is also worth mentioning that Conti was of Russian origin. In the early days of the Russian invasion of Ukraine, the threat actor publicly sided with the Kremlin, threatening to go after anyone who would dare to attack Russia’s infrastructure or war effort. What the U.S. government’s bounty couldn’t do, other cybercriminals did out of sheer sympathy for Ukraine.
Conti’s source code was soon leaked online, as well as thousands of chat logs, which ultimately led to the group’s disbandment.
On the other hand, last year’s cyberattack on Albania was done by an Iranian state-sponsored attacker. Albania severed all diplomatic ties with Iran following the event, while the U.S. government sanctioned the Iranian Ministry of Intelligence, as a result.
“Clearly, in the current context, we recognize that supporting our allies’ and partners’ security is important in the context of the work we’re doing supporting our European allies and partners from Russian cyberattacks, in the context of our broader competition with China and the key space Latin America plays in that as well,” the official concluded.
Via: Cyberscoop (opens in new tab)