EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • CISA and FBI detail activities of Cuba group

    CISA and FBI detail activities of Cuba group

    Written by
    The Editorial Team
    12.08.22
    Risks management
    02
    MIN
    CISA and FBI detail activities of Cuba group
    CISA and FBI detail activities of Cuba group
    CISA and FBI detail activities of Cuba group
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Risks management
    03.20.24 Risks management
    Next article
    Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Read
    03
    MIN
    Image Jean-Jacques Latour: "To date, we have not identified any new threat linked to artificial intelligence"
    Risks management
    03.18.24 Risks management
    Next article
    Jean-Jacques Latour: “To date, we have not identified any new threat linked to artificial intelligence”
    Read
    06
    MIN
    Image Storage must form the core of an enterprise cybersecurity strategy
    Risks management
    03.14.24 Risks management
    Next article
    Storage must form the core of an enterprise cybersecurity strategy
    Read
    05
    MIN

    This Russian ransomware group has specialized in attacks against government agencies and financial institutions.

    CISA and the FBI issued a joint report on December 1, 2022, on the activities of the Russian ransomware group Cuba. Between December 2021 and August 2022, it attacked approximately 100 organizations, including government agencies, healthcare facilities, and financial institutions (its primary targets within the United States).

    Cuba is also behind the spectacular attack that affected the government of Montenegro in August 2022. In France, in October 2022, the group paralyzed the IS of the town of Chaville (Hauts-de-Seine).

    In 9 months, Cuba has received more than 60 million dollars in ransom money, out of a total demand of 145 million dollars. This is an excellent ratio considering that many states refuse to pay a single cent to pirates on principle.

    « The number of U.S. entities compromised by the Cuba ransomware has doubled, and the ransoms demanded and paid are increasing, » warn CISA and the FBI.

    From an operational point of view, Cuba uses known flaws in Microsoft products, phishing emails, or the Trojan horse Hancitor. The group practices double extortion, first demanding a ransom to restore the blocked servers, then a second one for not publishing stolen data.

    CISA and the FBI have finally issued a call to provide them with any sensitive information about the group: communication exchanges, IP addresses, Bitcoin wallets, etc.

    The Editorial Team
    12.08.22
    Articles by the same author:
    1
    04.08.24 Cybercrime
    AT&T data theft: 73 million accounts compromised
    Read
    01
    MIN
    2
    04.08.24 Industry and OT
    Kaspersky notes slight decrease in attacks against ICS 
    Read
    02
    MIN
    3
    04.05.24 Digital Sovereignty
    DMA: European Commission to investigate Alphabet, Apple and Meta 
    Read
    02
    MIN
    4
    04.02.24 Digital Sovereignty
    Atos/Eviden: Airbus throws in the towel (again)
    Read
    02
    MIN
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Risks management
    03.20.24 Risks management
    Next article
    Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Read
    03
    MIN
    Image Jean-Jacques Latour: "To date, we have not identified any new threat linked to artificial intelligence"
    Risks management
    03.18.24 Risks management
    Next article
    Jean-Jacques Latour: “To date, we have not identified any new threat linked to artificial intelligence”
    Read
    06
    MIN
    Image Storage must form the core of an enterprise cybersecurity strategy
    Risks management
    03.14.24 Risks management
    Next article
    Storage must form the core of an enterprise cybersecurity strategy
    Read
    05
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.