Ransomware Attack on the National Assembly of Serbia

The National Assembly of Serbia, also known as the Skupstina, has been targeted by the ransomware group Cuba in a recent attack. The group claimed responsibility for the attack on their dark web leak site, and the victim's website is the official site of the National Assembly. The National Assembly operates in the Government sector and has been affected by the ransomware attack.

Victim Profile

The National Assembly of Serbia is the legislative branch of the government of Serbia. It is responsible for enacting laws, approving the budget, and overseeing the work of the government. The National Assembly is composed of 250 members, who are elected through a mixed member proportional representation system. The current President of the National Assembly is Ana Brnabić.

Company Size and Industry Standing

The National Assembly of Serbia is a significant institution in the country's political landscape. It is responsible for representing the interests of the Serbian people and ensuring the proper functioning of the government. The National Assembly is a key player in the country's democratic process and is considered a vital part of the government sector.

Vulnerabilities and Threat Actors

Ransomware attacks have been on the rise, with threat actors increasingly exploiting unknown and day-one vulnerabilities in their attacks. The operators of the Cl0p ransomware family, for example, have been known to abuse zero-day vulnerabilities to gain access to target networks. In some cases, these attackers do not even bother to encrypt data belonging to victim organizations, instead focusing solely on stealing sensitive data and extorting victims by threatening to sell or leak the data to others.

The National Assembly of Serbia, like many other organizations, may have been targeted due to its size and the perceived value of its data. Small to midsize businesses with reported revenues of up to $50 million were found to be the most common victims of ransomware attacks, while larger organizations made up only 12% of the victims.

The ransomware attack on the National Assembly of Serbia highlights the increasing threat posed by cybercriminals to government institutions and other organizations. It is crucial for all organizations to remain vigilant and take appropriate measures to protect themselves from such attacks.

Sources

• "Народна скупштина Републике Србије" (National Assembly of Serbia). Retrieved April 10, 2024, from http://www.parlament.gov.rs/.
• Jai Vijayan, "Ransomware Victims Surge as Threat Actors Pivot to Zero-Day Exploits," DarkReading, August 7, 2023. Retrieved April 10, 2024, from https://www.darkreading.com/threat-intelligence/ransomware-victims-surge-as-threat-actors-pivot-to-zero-day-exploits.