Student petitions for tuition refunds after DDoS attacks
Another year, another attack on the University’s servers.
Rutgers raised tuition and fees 2.3 percent for the 2015-2016 school year, and part of that money went toward $3 million on increasing cybersecurity and computer networks this year after four attacks on the computer networks last year.
According to nj.com, Rutgers hired FishNet Security, Level 3 Communications and Imperva to test the University’s computer network for vulnerabilities.
On Sept. 30, Rutgers was attacked again under a DDoS, a Distributed Denial of Service, which occurs when data requests flood a server and overload it, rendering it largely unusable.
Following this attack, Riccardo Mui, a School of Engineering junior, began a petition, titled the “Rutgers CyberDefence Budget Return," which requested University President L. Robert Barchi to return the money spent on these cyber-attacks to the students. As of the afternoon of Oct. 8, the petition had collected 1,024 supporters of the hopeful 1,500.
“Rutgers has been under a series of DDoS attacks which has crippled our computing services, which many of us rely on to get the latest updates on our assignments and more,” Mui said in a Facebook post. “This petition’s goal is to have Rutgers send a refund to its students for the raise in tuition dedicated to ‘upgrading’ the cyber security framework.”
Students should be fully or partially refunded because they were not promised the protection Rutgers promised with the upgrades, Mui said.
He said on Facebook that while attacks are inevitable, he is attempting to get some type of compensation.
Students who supported the petition commented with reasons such as “Where is my money even going to?” and “When I buy a cup of coffee, I expect it to keep me awake.”
Glenn Bouthillette, a School of Environmental and Biological Sciences junior, signed the petition.
He said he felt as thought students and faculty were not treated with fairness and respect by administrators.
“It is the responsibility of the Rutgers executive leadership to represent the University and to make sure that the tuition money we are paying for goes toward a fair and balanced education for students and fair and balanced budget for faculty,” he said.
Promises were made by Rutgers, but they failed at keeping them, Bouthillette said.
“After the attacks that happened last semester, we received an email stating that they promised to upgrade the servers and cybersecurity at the cost of our tuition money,” Bouthillette said. “After the attack a few weeks ago, I felt that most of the money did not improve our cybersecurity and went to other things.”
On the other hand, Jeffrey Ma, a School of Environmental and Biological Sciences junior, believes the petition is relatively pointless.
“You’re asking for pennies back relative to the tuition you already pay, and even if Rutgers refunds you, you’re not getting much,” he said. “Hypothetically, if only 50 percent of Rutgers population paid tuition, you’re getting back roughly $100 at most.”
Ma said he thinks the money did go toward cybersecurity, and just because it was not perfect doesn’t mean it did not work.
“DDoS attacks are pretty hard to protect against. Given a large enough bot net, they can take down even the largest networks for a time, so the fact that this time it was down for a few hours as opposed to an entire week is a huge difference,” he said. “People think network protection means that it makes your network invulnerable, and that if the network goes down even for a little, it means the protection isn’t working."
Ma said network security is not just black and white, and “a lot more elements go into it than people think.” Many students are signing the petition because “they see ($3 million) and think they’ll get a massive refund,” but do not realize they would receive a small refund.
“People think that IT magically works without any funding," Ma said. "If the $3 million is refunded, and the protection is taken away, and another attack like last semester’s comes, I guarantee people will start complaining about how they paid good money to go to school that can’t even keep its Internet service running, not realizing that they were the ones who made it so the Internet could be taken down for so long."
The Federal Bureau of Investigation (FBI) and a state cybersecurity initiative launched by Gov. Chris Christie are looking into the perpetrators of these attacks.
Bruce Fehn, Rutgers’ senior vice president for Administration, is head of the cyber security effort, according to nj.com.
“We were not well protected,” Fehn told nj.com. “We feel we are in a better position than we were before.”