Cyber Incident Victim: Université de Guyane
Date:
Apr 2024
Location:
French Guiana
Summary
The Université de Guyane experienced a cyberattack attributed to the FOG group, causing network disruptions and server disconnections. Critical operational applications were compromised, resulting in encrypted files and data loss, though student activities remained unaffected. A ransom demand was issued via the darkweb, prompting the institution to engage cybersecurity firm Exodata for remediation and file a legal complaint. This incident reflects broader trends of ransomware targeting public institutions like universities, hospitals, and municipalities, with French authorities actively pursuing countermeasures against such threats.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On April 30, 2024, Université de Guyane experienced network connectivity issues that escalated into a confirmed cyberattack by May 2. The attack, attributed to a group identified as FOG, compromised university systems by encrypting files and disrupting applications critical to institutional operations. The university’s website became inaccessible, though student activities remained unaffected. Administrators responded by disconnecting servers from the internet to contain the breach. Forensic analysis revealed data loss, and the attackers demanded a ransom payment communicated via the darkweb. The university engaged Exodata, a cybersecurity firm, to assist with recovery and investigation. A full assessment of compromised systems and data remained pending at the time of reporting. The institution filed a formal legal complaint regarding the incident.
The attack disrupted administrative functions but avoided broader academic impacts. Encrypted files hindered operational workflows, necessitating external technical intervention. Université de Guyane’s incident mirrored a pattern of ransomware campaigns targeting French public institutions, including hospitals, municipalities, and universities. French law imposes penalties of up to €100,000 fines and three years’ imprisonment for hacking offenses, though no arrests were publicly linked to this case. The university’s containment strategy prioritized isolating critical infrastructure while collaborating with specialized responders to restore services and evaluate data integrity. No further details regarding ransom negotiations or data leakage were disclosed in available reporting.