Rutgers University fell prey to a cyberattack the last week of April that left students unable to log in to their emails or complete Web-based assignments. Students reported disruptions in Wi-Fi services and in their online course tool, leading to confusion about how finals week would proceed. The attack was a distributed denial of service attack according to the Rutgers Office of Information Technology.
In light of the cyberattack, the university has chosen to implement a new grading policy that will prevent students from being penalized because of not being able to complete their assignments. Among other options, the new guidelines will allow online-only students to elect to receive pass/fail grades, and final exams that would have taken place online will now be administered via handwritten assessments. Nancy Cantor and Todd Clear, the school's chancellor and provost respectively, announced the new grading policy online.
The school is doing all it can to assuage students' concerns about current grades, but the overall picture still contains questions about the party or entity that executed the hack. The Federal Bureau of Investigation is assisting Rutgers with their ongoing investigation into the DDoS attack, according to NJ.com. As of Thursday, April 30, the DDoS attacks were "ongoing and persistent." The hope was that IT services would be up and running in time for students to take their finals, but Rutgers administrators continue to develop contingency plans in the event the services are not reestablished.
This is Rutgers' second cyberattack in as many months, which indicates schools and organizations could benefit from using managed SIEM services to protect its students data and grades instead of relying on firewalls or antivirus software.
Cybersecurity news and analysis brought to you by Arctic Wolf, inventors of FireBreak detection and response security services. FireBreak, when your firewall fails.