cuba attacks Global inspection services

Incident Date:

September 27, 2022

World map



cuba attacks Global inspection services


Global inspection services




Madrid, Spain

Madrid, Spain

First Reported

September 27, 2022

Global Inspection Services Ransomware Attack

Company Overview

Global Inspection Services (GIS), a prominent entity in the Energy, Utilities & Waste sector, has been compromised in a recent ransomware attack by the group known as Cuba. This incident was disclosed on a dark web leak site, highlighting the ongoing cybersecurity threats faced by companies within this critical infrastructure sector.

Company Size and Industry Standout

As a key player in the inspection services industry, GIS offers a comprehensive suite of services that cater to a diverse range of sectors. These include upstream, midstream, downstream & petrochemicals, various power plants (fossil-fuel, solar & wind, hydropower, nuclear), water treatment plants, ancillary facilities, solid handling plants, and chemical complexes. GIS's extensive service range and its pivotal role in supporting essential industries underscore its significance in the global market.

Vulnerabilities and Targeting

The cyber assault on GIS underscores the pronounced vulnerabilities within the Energy, Utilities & Waste sector. Attackers likely leveraged network weaknesses or deployed phishing tactics to infiltrate the company's systems. This event accentuates the critical need for fortified cybersecurity defenses to thwart ransomware attacks, which pose substantial operational and financial risks.

Ransomware Group Cuba

The Cuba ransomware group, known for its ransomware-as-a-service operations, encompasses both developers and affiliates targeting a wide array of victims. This includes entities within the public and private sectors, notably within healthcare during the COVID-19 pandemic. The use of NetWalker ransomware by this group has been particularly prevalent, demonstrating the group's active threat landscape.

Mitigation Strategies

To counteract the threat of ransomware, organizations must implement comprehensive incident response strategies, ensure regular data backups, maintain updated security protocols, and foster cybersecurity awareness among employees. Investing in sophisticated threat detection and response technologies, alongside enhancing overall technological resilience, is imperative for safeguarding against these cyber threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.