Sapienza University Offline Days After Cyberattack

Sapienza University of Rome, one of Europe's largest academic institutions with approximately 120,000 students, has been grappling with significant digital disruption for several days following an apparent cyberattack. The university's computer systems were taken offline as a precautionary measure, impacting various digital services and communication channels.

University Responds to Outage

In statements published on its Instagram account on Tuesday, Sapienza University confirmed it had proactively shut down its systems after detecting the cyberattack. The institution announced it was actively investigating the incident and working diligently to restore all digital services. While some communication channels, such as email and workstations, are experiencing "partially limited" functionality, the university emphasized that its backups remained unaffected by the breach, forming the basis for system restoration efforts.

As of the time of reporting, the official Sapienza University website remains inaccessible.

Alleged Ransomware Attack and Hacker Group Identified

Italian daily newspaper Il Corriere della Sera reported this week that the disruption stems from a ransomware attack, though this has not yet been officially confirmed by the university or Italian authorities. According to the newspaper, the attackers allegedly sent the university a link containing a ransom request, which includes a 72-hour countdown that would commence upon clicking the link.

Further reporting by Il Corriere on Wednesday identified the hacking group behind the incident as "Femwar02," a name previously unknown in cybersecurity circles. The report indicates that Femwar02 utilized the BabLock malware, which was first discovered in 2023 and is also known as Rorschach.

Impact on Students and Ongoing Investigations

Despite the widespread system outage, Sapienza University has stated that examinations are proceeding as scheduled. However, students wishing to register for exams must now do so directly with their professors. To assist students during this period, the university has established "infopoints" at various campus locations to provide information and support.

Italy's national cybersecurity agency, Agenzia per la Cybersicurezza Nazionale (ACN), is currently investigating the incident. Spokespeople for ACN did not immediately respond to requests for comment regarding the nature of the attack or further details.

Universities and educational institutions are frequent targets for cybercriminals. Last year, the notorious ShinyHunters hacking group successfully breached Harvard University and the University of Pennsylvania, stealing data in an extortion attempt. The hackers recently revealed that neither institution paid the demanded ransom.

Sapienza University did not respond to TechCrunch's request for comment, sent via email, and it remains unclear if the university was able to receive emails at the time of outreach.