orlando utilities commission florida water SCADA
ProjectX: OUC Creates Powerful, Intuitive Visualizations
November 14, 2022
GrayMatter Holiday Gift Guide: 2022
December 16, 2022

The FBI and Cybersecurity & Infrastructure Security Agency are warning U.S. manufacturers and other industries this week about a cybercrime group known as “Cuba Ransomware.”

Cuba Ransomware targets five critical infrastructure sectors: Critical Manufacturing, Financial Services, Government Facilities, Healthcare and Information Technology, according to the agencies.


A Growing Threat

From December 2021 to August 2022, the FBI says Cuba Ransomware has compromised more than 100 entities worldwide, demanded more than $145 million and received more than $60 million in ransom payments.

There are four primary techniques the ransomware actors, who have no know association with the Republic of Cuba, use to gain access:
  • Exploiting known vulnerabilities in commercial software
  • Phishing campaigns (via email and social media)
  • Compromising user credentials (including those of inactive user accounts)
  • Subverting a legitimate remote desktop tool
parallax background

“FBI and CISA encourage organizations to implement the recommendations in the Mitigations section of this Cybersecurity Advisory to reduce the likelihood and impact of Cuba ransomware and other ransomware operations.”


How to Prepare

5 Recommendations:

1. Follow the National Institute for Standards & Technology (NIST) guidelines
2. Create a recovery plan to keep copies of sensitive data safe
3. Use multifactor authentication
4. Update and patch when possible
5. Segment networks to prevent ransomware from spreading
For more on how to defend against ransomware download GrayMatter’s OT Cybersecurity eBook.


More on OT Cybersecurity

GrayMatter emPOWERUP Podcast host Jeremy Boren talks with Jerry Baum, Zekelman's Director of IT, Infrastructure, about how the company is working with GrayMatter to create a strong, long-term OT cybersecurity strategy.