blackbyte attacks Contraloría General de la República

Incident Date:

May 21, 2022

World map



blackbyte attacks Contraloría General de la República


Contraloría General de la República




La Habana, Cuba

La Habana, Cuba

First Reported

May 21, 2022

BlackByte Ransomware Attacks Contraloría General de la República

The Cuban government agency, Contraloría General de la República, has been targeted by the BlackByte ransomware group, as announced on their dark web leak site. The victim's website operates in the Government sector.

Victim Profile

Contraloría General de la República is a government agency responsible for financial oversight and accountability in Cuba. While the size of the organization is not explicitly stated, its role as a government entity is significant.

Industry Standout

As a government agency, Contraloría General de la República is pivotal in maintaining financial integrity and transparency within the Cuban government. Its efforts are vital for the proper allocation of resources and sustaining public trust in the government's financial management practices.


The specific vulnerabilities exploited in the attack by BlackByte are not detailed. However, BlackByte's operation model, known as Ransomware-as-a-Service (RaaS), involves encrypting Windows files and demanding a ransom for the decryption key. They also engage in data exfiltration before launching the ransomware, intensifying pressure on the victim to comply with ransom demands.

The attack on Contraloría General de la República by BlackByte underscores the persistent threat of ransomware attacks on government entities. Despite federal agencies' efforts to offer assistance and guidance, organizations must stay vigilant and prioritize cybersecurity to fend off such threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.