CISA: #StopRansomware: Cuba Ransomware
#StopRansomware: Cuba Ransomware
Today, the Federal Bureau of Investigation (FBI) and CISA released a joint Cybersecurity Advisory (CSA) #StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware. FBI investigations identified these TTPs and IOCs as recently as August 2022. This CSA updates the December 2021 FBI Flash: Indicators of Compromise Associated with Cuba Ransomware. Key updates include:
- FBI has identified a sharp increase in the both the number of compromised U.S. entities and the ransom amounts demanded by Cuba ransomware actors.
- Since spring 2022, Cuba ransomware actors have expanded their TTPs.
- Third-party and open-source reports have identified a possible link between Cuba ransomware actors, RomCom Remote Access Trojan (RAT) actors, and Industrial Spy ransomware actors.
FBI and CISA encourage network defenders to review the joint CSA and to apply the included mitigations. See StopRansomware.gov for additional guidance on ransomware protection, detection, and response.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon using the button below
To keep up to date follow us on the below channels.
