I think Cuba is the name assigned to the ransomware group, likely from names they use themselves, rather than an attempt to attribute the behavior to the country of the same name. I was looking for information to prove this, but they seem to be quite new as an attacker and most searches are just giving me a bunch of articles about this same announcement. None of the ones I've read have said that the country of Cuba has a connection to these, and if it did, they would be likely to call it "Cuban ransomware" to indicate its origin. I'm pretty sure therefore that it's just a name.
Update: PC Mag says it's probably based in Russia.
Biting the hand that feeds IT
