14 DAY TRIAL // A hacker known under the moniker Exfocus has resumed his regular DDoS operations, targeting Rutgers University once again, after he previously did so four other times at the end of March and start of May this year.
Back then, various portions of the university's IT infrastructure had been periodically going up and down, culminating with a 5-day period between late April and early May when the university's Internet access was completely knocked offline.
During that period, students weren't able to use credit cards on university grounds, nor its Sakai and Ecollege LMS (Learning Management System) applications.
According to an interview the hacker gave to Dimitry Apollonsky, a client requested him to attack Rutgers, and he was paid in Bitcoin for his services. The same interview revealed that the hacker was in possession of a botnet numbering over 85,000 machines and was able to launch attacks of around 25 Gbps.
While recent DDoS attacks can easily go over 100 Gbps, Exfocus' attack, even if of only 25 Gbps, was strong enough to convince the university's management to spend $3 million / €2.67 million during the summer to upgrade its security measures. Some reports claim that this additional spending caused student tuition to go up by 2.3%.
New server hardware, new ISP, and DDoS mitigation didn't help
Despite all this, this latest round of DDoS attacks seems to have had no problem in bringing down Internet and WiFi access for the entire university.
In a message on its official website and Facebook page, the Rutgers IT department representative said that "Since that time, we have made significant and substantial network hardware upgrades, are utilizing DDoS mitigation services, have made Web server improvements and have changed Internet Service Providers to ones that provide additional levels of DDoS threat deterrent capacity."
In the aforementioned Apollonsky interview, Exfocus said, "I’m hoping that RU will sign on some DDoS mitigation provider. I get paid extra if that happens." Someone got paid extra.