La Sapienza University Faces Cyberattack Disruptions
Overview of the Incident
Rome’s Sapienza University, known as Europe’s largest university by student enrollment, is currently facing significant disruptions due to a cyberattack that has compromised its IT services. This incident has compelled the institution to take several critical systems offline as they work to assess the damage and restore functionality.
Earlier this week, the university confirmed the attack through a statement on social media, noting that their IT infrastructure had been targeted. In an attempt to protect sensitive data and maintain security, the university initiated a shutdown of its network systems. This swift action, while necessary, has led to widespread operational disruptions affecting students and faculty alike.
Impact on Students and Operations
With over 112,500 students enrolled, the ramifications of this cyberattack are particularly far-reaching. University officials have promptly informed Italian authorities and mobilized a specialized technical task force focused on remediation and recovery efforts. However, as of the latest updates, La Sapienza’s official website remains offline. Communication concerning the recovery process has primarily shifted to social media platforms like Instagram, where officials are providing updates.
To alleviate some of the challenges posed by the outage, the university has established temporary in-person “infopoints.” These centers aim to offer students access to essential information that would typically be available through digital systems, ensuring they can continue their academic pursuits as smoothly as possible.
Connection to BabLock Malware
While the university has yet to reveal specific details about the technical aspects of the cyberattack or the identity of the perpetrators, reports from Italian news outlet Corriere Della Sera indicate that this incident exhibits characteristics typical of a ransomware attack. Current investigations suggest a potential link to a previously unknown pro-Russian threat actor known as “Femwar02.”
The attack is believed to have utilized BabLock malware, also known as Rorschach. This type of malware has garnered attention due to its rapid encryption capabilities and extensive customization options, making it a formidable tool in the arsenal of cybercriminals. BabLock first appeared in 2023 and has since raised concerns among cybersecurity experts.
Ongoing Investigation and Recovery Measures
In response to the incident, Sapienza’s IT team is collaborating with Italy’s national Computer Security Incident Response Team (CSIRT) as well as specialists from the Agenzia per la Cybersicurezza Nazionale (ACN) and Polizia Postale. Their focus is on restoring affected systems using data backups, which are reportedly intact and unaffected by the cyberattack.
Italy’s national cybersecurity agency has confirmed its investigation into the situation. Nonetheless, no official statements from either Sapienza University or authorities have confirmed whether the attack involved ransomware or if any data was taken. This distinction is vital: while encryption-only cases tend to result in operational challenges, incidents involving data theft could impose further legal and regulatory responsibilities under the EU’s General Data Protection Regulation (GDPR).
Conclusion
As the situation continues to unfold, the university community awaits further updates. The proactive measures taken by Sapienza University demonstrate a commitment to safeguarding their digital infrastructure, while ongoing investigations aim to unveil more details regarding the attack’s origins and impacts. For the time being, students and staff are encouraged to utilize the available resources and remain informed through official communication channels.
