Ransomware Group
Cuba
Also known as: COLDDRAW, Fidel
Status: active • First seen 2019-12 • 100+ known victims
Cuba attacks critical infrastructure. The FBI and CISA have issued multiple warnings.
Overview
Cuba ransomware targets critical infrastructure and has been subject to CISA warnings.
Target Industries
Finance, Government, Healthcare, Manufacturing
How They Attack
- Hancitor malware
- RomCom RAT
- Vulnerability exploitation
Notable Victims
Multiple US critical infrastructure entities
How to Protect Against Cuba
1. Review CISA advisory AA22-335A
MITRE ATT&CK Techniques