Medusa Ransomware Hits International University of Sarajevo

Incident Date: Nov 05, 2024

Attack Overview

VICTIM

International University of Sarajevo

INDUSTRY

Education

LOCATION

Bosnia and Herzegovina

ATTACKER

Medusa

FIRST REPORTED

November 5, 2024

Request Removal

Medusa Ransomware Group Targets International University of Sarajevo

The International University of Sarajevo (IUS), a leading private educational institution in Bosnia and Herzegovina, has fallen victim to a ransomware attack orchestrated by the notorious Medusa group. This incident highlights the growing threat of cyberattacks on educational institutions, which are often rich in sensitive data.

About the International University of Sarajevo

Established in 2004, IUS is recognized for its commitment to high-quality education and international standards. The university offers a diverse range of undergraduate, graduate, and doctoral programs across various disciplines, including engineering, business, and social sciences. With a student body of approximately 2,000 from over 55 countries, IUS prides itself on fostering a multicultural academic environment. The institution employs over 200 full-time staff and operates as a non-profit, relying on tuition fees and educational programs for funding.

Vulnerabilities and Targeting

Educational institutions like IUS are attractive targets for ransomware groups due to their extensive databases of personal and academic information. The reliance on digital infrastructure for academic and administrative operations further increases their vulnerability. The Medusa group, known for its sophisticated attacks, likely exploited these vulnerabilities to infiltrate IUS's systems and exfiltrate sensitive data.

Attack Overview

The Medusa ransomware group has claimed responsibility for the attack on IUS, threatening to release the compromised data unless their demands are met within a week. The university is currently assessing the breach's impact and working to mitigate potential disruptions to its operations. This attack underscores the persistent threat posed by ransomware groups to the education sector.

Medusa Ransomware Group Profile

Emerging in late 2022, Medusa operates as a Ransomware-as-a-Service (RaaS) platform, allowing affiliates to launch attacks using its ransomware. The group has targeted various sectors globally, including education, healthcare, and government services. Medusa distinguishes itself through its ability to exfiltrate large volumes of data and its aggressive tactics, such as public data leaks if ransoms are not paid. The group's ransomware is designed to disable recovery efforts, making it a formidable threat in the cybersecurity landscape.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.