Medusa Ransomware Group Targets Open University of Cyprus

The Medusa ransomware gang has claimed responsibility for a cyberattack on the Open University of Cyprus (OUC), causing severe disruptions to the organization’s operations. OUC is an online university that provides remote learning and offers 30 higher-level education programs to 4,200 students.

In response, access to critical systems including the eLearning Platform, Employment Portal, and Portal for applications of prospective students has been suspended as a precaution.

Medusa Ransomware and its modus operandi

The Medusa ransomware is a criminal organization that is known for using sophisticated ransomware to target various organizations and demand ransoms for the decryption of their data. The group is also known for stealing sensitive data before encrypting it and then threatening to publicly release the stolen data if the ransom is not paid.

The group has targeted organizations worldwide, including educational institutions, healthcare providers, and government agencies. The Medusa ransomware group is believed to be a Russian-speaking organization and has been active since at least 2020.

Medusa Ransomware and its Ransom Demands

Medusa ransomware group posted OUC on its data leak site, giving the institute 14 days to respond to its ransom demands of $100,000. However, the hackers have set the same price for deleting or selling the data to interested parties.

The group also claims they will delay publishing the data by one day for $10,000. Data samples that have been published include student lists with personally identifiable information and financial details of research contractors.

Cyber Attacks on Cyprus

Cyprus has been under “cyber-pressure” as the country has experienced a series of high-impact cyber incidents since the beginning of 2023. The most notable being a catastrophic attack against the online portal of the national land registry on March 8.

The attack froze registrations worth €150 million and forced the state organization to an extended outage, which could only be resolved by building a new portal at a different address, set up with limited functionality more than two weeks later. The University of Cyprus and the Ministry of Defense have also reported attempted breaches by the same hackers.

Medusa Ransomware Group’s Targets and Tactics

Unlike other ransomware actors, Medusa does not consider education organizations off-limits. In early March, the group targeted the Minneapolis Public Schools district, demanding a ransom of $1 million.

For more information on the profile of Medusa ransomware, check out our detailed analysis of the threat actor, which covers techniques, tactics, and procedures (TTPs).

Ransomware Attacks and their Impact

Ransomware attacks continue to be a major concern for organizations globally, as they can cause significant damage to both their reputation and financial stability.

Cybersecurity experts advise organizations to adopt a proactive approach to security, including implementing robust security measures, regularly backing up data, and training employees on how to identify and avoid cyber threats. In the event of an attack, it is recommended to have a comprehensive incident response plan in place to minimize damage and reduce downtime.

The Impact of Cyberattacks on Education

Education organizations, including universities and schools, are increasingly being targeted by cybercriminals.

These attacks can have severe consequences, including the loss of confidential data, disruption of online learning, and loss of research and development work.

In response, educational institutions must prioritize cybersecurity and ensure they have the necessary measures in place to protect their systems and data from cyber threats.

The Medusa ransomware group’s cyberattack on the Open University of Cyprus highlights the need for organizations to remain vigilant against the ever-evolving threat landscape.

By adopting a proactive approach to security, including implementing robust security measures, backing up data, and training employees, organizations can reduce the risk of cyberattacks and minimize their impact.