Rutgers University to Spend $3 Million on Cybersecurity

Following a spate of recent cyberattacks targeting the university last year, officials now say Rutgers University is expected to spend up to $3 million on cybersecurity this year.

Rutgers University was targeted at least four separate times during the last school year, and the school has hired multiple cybersecurity firms to help secure their networks and computer systems against more cyber attacks, reports NJ.com.

The information was made available through documents gathered due to New Jersey’s Open Public Records Act. The firms involved are tasked to run a Threat Assessment Test of the university’s computer network among other protocols which cannot be discussed for security reasons, officials say.

Related article: 8 Colleges Impacted in Harvard Data Breach

Univeristy officials noted the increasing expenses of reinforcing cybersecurity this year and added that the additional cost is one of the causes of increased tuition and fees for students. There is a 2.3 percent increase in fees for the 2015-16 school year.

Bruce Fehn, the senior vice president for administration at Rutgers University who heads the cybersecurity reinforcement measures said:

“We were not well protected. We feel we are in a better position than we were before.”

DDoS-based Attacks

A hacker who goes by the alias ‘Exfocus’ bragged about being the instigator of the many DDoS-based attacks targeting the university. Taking to Twitter, Reddit and other social media websites, the hacker claimed that he/she was paid up to $500 an hour in Bitcoin by an anonymous client who had a bone to pick with Rutgers.

In a post on Pastebin, the hacker taunted officials by saying: “Honestly, I am sitting here dumbfounded at the amount of incompetence displayed once again by the Rutgers IT department. I’m fairly certain I could run circles around all of you with my eyes closed, and one leg amputated.”

University officials also stress that the attacks did not result in the theft of any data. They were triggered to annoy students during spring classes and bring embarrassment for the university.

Earlier this year in March, the same hacker sent multiple emails to the Rutgers student newspaper – the Daily Targum, threatening to attack ‘Sakai’. Sakai is the university’s learning platform hosted online that is routinely used by students to help with their class assignments.

“I’m the one who attacked the network … This might make quite an interesting story … I will be attacking the network once again at 8:15 PM EST. You will see sakai.rutgers.edu offline,” warned one of the emails, as reported by the Daily Targum.

Surely enough, the hacker stuck to his/her word and launched another DDoS attack which crippled Sakai.

Campus officials at Rutgers forecast the need for a increased permanent budget from the governing board of the university toward cyber security. While state funding for the university falls, it’s the students who are likely to cover cybersecurity costs through increased tuition fees.