Share |

Rutgers Suffers Another Cyberattack

Sixth Cyberattack on Rutgers Despite $3M Spent to Stop Cyberattacks
Twitter user "exfocus," who took credit for the attacks Twitter

NEW BRUNSWICK, NJ—Rutgers suffered its sixth DDOS attack on the morning of December 24, according to officials from the school's Office of Information Technology.

The attack was targeted primarily against Sakai, an online learning tool which students and professors use to submit assignments, post lectures and class material, take exams and quizzes, and interact with students and professors outside of the classroom.

The attacks generally crashi the school's wireless internet service, along with many other services, leaving them unusable. The most recent took place at the end of September.

The most infamous attack happened in the Spring 2015 semester during finals period at the end of April. Lacking access to wireless internet and other online learning tools, many students were unable to complete projects or prepare for finals.

Yet the December 24th attack took place only the day after the fall semester ended on December 23rd, meaning the majority of students remained unscathed.

During each attack, a twitter user named "exfocus" claimed responsibility for the attacks and posted taunting messages.

The six attacks come despite the university pouring $3 million into improving its cybersecurity. Rutgers hired three cybersecurity firms at the end of the summer, Fishnet, Level 3 Communications and Imperva, to test vulnerabilities and overall beef up the security system.

The $3 million was cited by the Board of Governors as one of the reasons for the 2.3% tuition increase which took place in July.

Speaking on the decision to contract the three companies, Brian Fehr, senior vice president for administration at Rutgers, told NJ.com in August that the university was an easy target back when it was attacked in the spring semester.

"We were not well protected," Fehn told NJ.com, "We feel we are in a better position than we were before."

But only a month into the semester on September 28th, wireless services crumbled under the weight of another attack. The outages lasted roughly from 10 am until the late afternoon.

Then-Chief Information Officer Don Smith issued a statement later that day where he wrote that DDOS attacks are "becoming more frequent in cyberspace," and are "experienced in higher education, government and commercial enterprises."

"There is no doubt they are bound to happen again."

But students remained unimpressed, and days later a change.org petition was launched demanding that the $3 million spent on the three cybersecurity companies be refunded, and that a full or partial refund be given to students.

"Instead of tackling the suspected cause of the DDoS attacks known as the individual or group "ExFocus", Rutgers' computer network upgrade has once again failed against similar attacks, yet again crippling the network infrastructure," wrote the petition's author, Riccardo Mui.