Hacker Paralyzes Rutgers University With DDoS Attacks; Mocks Its Cybersecurity Efforts
A distributed denial of service (DDoS) attack paralyzed Rutgers University’s computer network Monday for the morning and early afternoon. The alleged hacker taunted the school on social media sites, according to nj.com, a New Jersey news site. The hacker claimed he or she was being paid $500 an hour in bitcoin by someone with a grudge against the school, which has invested $3 million in cybersecurity after suffering from previous attacks. The school has reportedly raised its tuition to improve cybersecurity.
By Monday afternoon, Rutgers’ websites and internet access appeared to be returning to normal.
Hacker Taunts Rutgers
Several taunting tweets appeared on the hacker’s Twitter account Monday before and after the latest attack. The hacker calls himself or herself “Exfocus.”
One tweet posted at Noon read: “where internet go?? 3m dollar gone?” in reference to the $3 million investment the school has reportedly made in cybersecurity.
How about instead of paying $3 million on cyber security, we just pay @ogexfocus that money to run the IT department
— Smoochie Wallace (@Jay_Levash) September 28, 2015
In a tweet posted shortly before Monday’s cyber attack began, Exfocus wrote, “RIP rutgers cas 2k15.” This tweet referred to crashing Rutgers’ Central Authentication Service, the site where Rutgers students and staff enter identification names and passwords to access the university’s networks.
The tweets were later removed, but several students captured screen shots of Exfocus’ Twitter page while the tweets were still visible to the public.
“Normally I don’t show myself, but the entity paying me has something against the school. They want me to ‘make a splash,'” Exfocus said in an interview posted by Dimitry Apollonsky, a tech blogger.
Some Rutgers students directed their frustration at the alleged hacker’s Twitter account (@ogexfocus).
Can whoever like caught Lizard Squad catch this ogexfocus dude? If this is gonna be a regular occurrence during exam time….
— Jerm. (@jermgonz) September 28, 2015
Other students voiced anger at Rutgers officials, who said in July the university was raising tuition partly to help cover the rising cost of cybersecurity.
Rutgers Invests In Cybersecurity
Rutgers hired three cybersecurity consultants — FishNet Security, Level 3 Communications, and Imperva – over the last year to upgrade cybersecurity on campus. Rutgers paid Imperva $160,000 to help protect against denial of service attacks, according to records obtained through the state Open Public Records Act.
It is unclear if Exfocus is responsible for the cyber attacks or an elaborate hoax. However, the taunting tweets appeared to begin shortly before the latest cyber attack began.
The latest attack was at least the fifth “denial of service” attack since last fall.
Featured image from Shutterstock.