Nova Ransomware Group Attack on Universitas Nasional
The Nova Ransomware Group has claimed a successful breach of Universitas Nasional, part of an aggressive expansion targeting high-value academic, government, and professional services sectors. Utilizing a double-extortion model, the threat actor prioritizes massive data exfiltration—with recent breaches of KPMG Netherlands and Universitat de València yielding between 300GB and 500GB of data. The campaign likely utilizes initial access via RDP brute-forcing or edge device exploitation, followed by lateral movement and exfiltration using tools like Rclone or FileZilla. This incident risks the exposure of student PII, faculty research, and administrative credentials, posing a significant threat of secondary extortion through dark web leak sites.