Narayan AmmachchiThe U.S. State Department reportedly helped Costa Rica regain control of the computer network that powers the nation’s main oil refinery after a cyberattack in November 2024.
According to The Record, a U.S. technology team operating under the State Department’s FALCON program responded within 36 hours—marking the first time the FALCON initiative has provided such assistance.
On November 27, hackers breached the refinery’s computer system, locking it down and demanding a ransom. During the outage, the refinery—operated by RECOPE—shifted to manual operations to ensure that the oil supply to citizens remained uninterrupted.
This event was the second cyberattack targeting a Costa Rican government institution within the same month.
Although this latest incident was less severe than the 2022 breach by the Conti ransomware gang—which had paralyzed critical government services and forced President Rodrigo Chaves to declare a state of emergency—it nevertheless underscored the country’s cybersecurity vulnerabilities. In response to the 2022 attack, the United States had provided Costa Rica with $25 million to enhance its cyber defenses.
In the wake of the refinery incident, Costa Rican officials immediately contacted the U.S. ambassador in San José, who then reached out to Nathaniel C. Fick, head of the State Department’s Bureau for Cyberspace and Digital Policy.
The FALCON program utilizes a cybersecurity software platform called platform35, engineered to rapidly detect and neutralize malicious cyber activities.
Add comment