Rutgers network crumples under siege by DDoS attack
The Rutgers network came under a Distributed Denial of Service (DDoS) attack beginning on March 27 and ending on March 30, according to an email sent by Don Smith, vice president and chief intelligence officer for the University’s Office of Information Technology.
The incident, which knocked out access to RUWireless and RUWireless Secure, the school’s Internet networks, as well as Sakai, the University’s online learning platform, among other sites, was the third DDoS attack allegedly committed by a perpetrator since the first occurrence on Nov. 19, 2014.
Not all DDoS attacks are the same, but a common attack method, and the one that OIT worked to combat in November, saw the Rutgers network saturated with external communication requests, according to an article printed on Nov. 23, 2014 in The Daily Targum.
During the DDoS attack in November, 40,000 web robots, or “bots,” originating from Eastern Europe and China flooded the network, dismantling the class web registration system when first-year students were scheduled to enroll in classes for the upcoming spring semester, according to the article.
The second DDoS attack overloaded the Rutgers network on March 4, 2015, when the alleged attacker sent two emails to The Daily Targum detailing his intentions.
“A while back you had an article that talked about the DDoS attacks on Rutgers,” the email read. “I'm the one who attacked the network … This might make quite an interesting story … I will be attacking the network once again at 8:15PM EST. You will see sakai.rutgers.edu offline.”
The emails, which were relayed to OIT the same day, launched an investigation. Around that time, Smith asked The Daily Targum to postpone reporting about the second attack and the emails until OIT could consult with police.
Based on the specific details provided by the alleged attacker in the emails and the occurrence of a DDoS attack on Sakai around the same time frame indicated by the individual in the emails, Smith said he was inclined to believe the messages were “credible.”
Despite the emails sent by the alleged attacker, Smith said that since the DDoS uses intermediary computer systems to create the denial of service, it is difficult to tell if the perpetrators are the same in each event.
OIT is working with the Rutgers University Police Department and the Federal Bureau of Investigation to identify the individual(s) responsible, Smith said. He declined to comment any further on the case because it is currently under investigation.
Since the most recent DDoS attack launched on the afternoon of March 27, OIT managed to restore RUWireless, RUWireless Secure and Sakai in the earlier part of the day on March 30.
Smith said there is no indication that any personal information was compromised, but that he and his staff are continuing to monitor that aspect of the situation very closely.
This is a developing story. Stay tuned as details emerge.
Katie Park is a School of Arts and Sciences junior majoring in political science and journalism and media studies. She is the News Editor at The Daily Targum. Follow her on Twitter @kasopar for more stories.