cuba attacks skupstina

Incident Date:

August 30, 2022

World map



cuba attacks skupstina






Cetinjskog, Montenegro

Cetinjskog, Montenegro

First Reported

August 30, 2022

Ransomware Attack on the National Assembly of Serbia

The National Assembly of Serbia, also known as the Skupstina, has been targeted by the ransomware group Cuba in a recent attack. The group claimed responsibility for the attack on their dark web leak site, and the victim's website is the official site of the National Assembly. The National Assembly operates in the Government sector and has been affected by the ransomware attack.

Victim Profile

The National Assembly of Serbia is the legislative branch of the government of Serbia. It is responsible for enacting laws, approving the budget, and overseeing the work of the government. The National Assembly is composed of 250 members, who are elected through a mixed member proportional representation system. The current President of the National Assembly is Ana Brnabić.

Company Size and Industry Standing

The National Assembly of Serbia is a significant institution in the country's political landscape. It is responsible for representing the interests of the Serbian people and ensuring the proper functioning of the government. The National Assembly is a key player in the country's democratic process and is considered a vital part of the government sector.

Vulnerabilities and Threat Actors

Ransomware attacks have been on the rise, with threat actors increasingly exploiting unknown and day-one vulnerabilities in their attacks. The operators of the Cl0p ransomware family, for example, have been known to abuse zero-day vulnerabilities to gain access to target networks. In some cases, these attackers do not even bother to encrypt data belonging to victim organizations, instead focusing solely on stealing sensitive data and extorting victims by threatening to sell or leak the data to others.

The National Assembly of Serbia, like many other organizations, may have been targeted due to its size and the perceived value of its data. Small to midsize businesses with reported revenues of up to $50 million were found to be the most common victims of ransomware attacks, while larger organizations made up only 12% of the victims.

The ransomware attack on the National Assembly of Serbia highlights the increasing threat posed by cybercriminals to government institutions and other organizations. It is crucial for all organizations to remain vigilant and take appropriate measures to protect themselves from such attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.