Cyber Incident Victim: Rutgers University
Date:
Apr 2015
Location:
United States of America
Summary
A cyber attack targeting Rutgers University disrupted internet services through a distributed denial of service (DDoS), causing intermittent outages affecting wi-fi, email, and the Sakai academic resource platform. The university's IT staff worked to restore services while collaborating with federal law enforcement, including the FBI, to investigate the incident. This marked a recurrence of similar disruptions, following a prior DDoS attack that had impacted the institution and another university. Officials confirmed the attack caused operational interruptions but did not indicate any compromise of confidential data during the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 6 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late April 2015, Rutgers University experienced significant disruptions to its network services due to a distributed denial of service (DDoS) cyber attack. The university's Office of Information Technology (OIT) confirmed the attack through a social media update posted at 9:00 AM on Tuesday, April 28, noting that technical difficulties had persisted since at least 8:30 AM that morning. This incident followed a similar attack in March 2015 that had affected both Rutgers and Fairleigh Dickinson University. The April attack caused intermittent outages across multiple critical university systems, including wi-fi connectivity, email services, and Sakaiāan academic resource platform used by faculty and students for coursework and communication. Students began reporting service interruptions through social media channels as early as Monday, April 27, indicating the attack's effects preceded the official university acknowledgment. University spokesman Steve Manas publicly acknowledged the ongoing efforts to resolve the disruptions but declined to specify which systems were most severely impacted or whether confidential data had been compromised during the incident, directing inquiries to OIT's published statements instead.
The university's response involved coordinated technical efforts by OIT staff to restore services while collaborating with federal law enforcement agencies to investigate the attack's origins. Following the March 2015 DDoS incident, Rutgers had already established an investigative partnership with the FBI, as confirmed by university spokesman E.J. Miranda via email. The April attack's operational characteristics aligned with typical DDoS patterns, where attackers overwhelm target systems by directing excessive traffic from multiple networked devices. No evidence suggested unauthorized access to sensitive institutional or personal data occurred during either attack. Service restoration efforts remained ongoing at the time of the April 28 report, with university officials providing updates primarily through OIT's Facebook communications channel while withholding specific technical details about mitigation strategies or investigation progress. The recurring nature of these incidents within a two-month period underscored persistent vulnerabilities in the university's network infrastructure to externally orchestrated disruption campaigns.