Three cyber-security firms could not handle the attack

Dec 29, 2015 21:30 GMT  ·  By

Rutgers University's IT department has managed to restore all services after a large-scale DDoS attack kept some of its systems down for four days between December 24 and December 28.

This is not the first time Rutgers University has been hit with a DDoS attack, having already reported on a similar incident back at the end of September. Earlier this year, at the end of March and start of May, university staff also suffered four similar attacks, with the longest one lasting for five full days.

Sixth time this year, nobody has claimed responsibility yet

The first five attacks were claimed by a hacker that went by the name of Exfocus, who admitted in an interview that he was hired via an underground forum to carry out the DDoS bombardment, and later paid in Bitcoin.

Unlike in the case of the first five attacks, Exfocus has not come forward to claim responsibility.

The Rutgers IT staff said the attack targeted the sakai.rutgers.edu URL, the University's Sakai portal. Sakai is an open source, self-hosted Java-based course learning environment used primarily by academic institutions.

The DDoS attack did not affect student activities since students are away for Christmas break, which started on December 24 and will end on January 5.

A $3 million investment in IT security systems did not help at all

Last August, Rutgers management spent $3 million / €2.67 million on security measures to bolster their online platform. According to NJ.com, the University hired three cyber-security firms. The unplanned investment was motivated by the March and May attacks.

Despite this, the University's DDoS mitigation provider has failed to live up to its job, both in September and in this most recent four-day-long attack.

In his interview, Exfocus said that he controlled a botnet of 85,000 machines, and was able to launch DDoS attacks of around 25 Gbps, which is considered to be of a medium scale.

The proper law enforcement agencies have been notified of the attack. Softpedia has reached out to Exfocus on Twitter. We'll update the article if we uncover any new information.