FBI finds ransomware targeting critical infrastructure

The Federal Bureau of Investigation (FBI) has released an alert regarding the "Cuba" ransomware, which has compromised 49 critical infrastructure organizations across five sectors.

The Cuba ransomware group uses Hancitor malware, a loader that drops or executes stealers such as remote access trojans (RATs) onto targeted networks. Organizations compromised by the ransomware span sectors including healthcare, finance, information technology, manufacturing and government.

The FBI found that Cuba ransomware actors exploited legitimate Windows service, including PowerShell, PsExec and others, to gain Windows Admin access to networks and launch cyberattacks.

To date, the cyber actors behind Cuba ransomware have received over $43 million in ransom payments.

For more technical and mitigation information on the malware, click here.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.

FBI finds ransomware targeting critical infrastructure

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

FBI finds ransomware targeting critical infrastructure

Share This Story

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.