Rutgers University Hires Three Security Firms to Pentest Its Network | Tripwire

Rutgers University Hires Three Security Firms to Pentest Its Network

Posted on August 24, 2015
FTC Says Identity Theft Victims Don't Always Need a Police Report
Rutgers University has hired three security firms to test its network for vulnerabilities following a series of targeted attacks during the 2014-2015 academic year. According to The Washington Times, FishNet Security, Level 3 Communications, and Imperva will be working with Rutgers to enhance the university's security as classes resume for the 2015 fall semester. Rutgers officials have also stated that the firms will be responsible for other work, the details of which remain confidential for security reasons.
security51.jpg
For the 2015-2016 academic year, the university expects to spend between $2 million and $3 million on information security measures. Those expenditures will in part be funded by a 2.3% increase in tuition and fees. Bruce Fehn, Rutgers' senior vice president for administration and leader of the ongoing security effort, feels that Rutgers has made some progress in better protecting itself since a targeted attack crippled the university's websites and internet access back in April of this year.
"We were not well protected," Fehn said. "We feel we are in a better position than we were before."
Even so, the identity of the individual(s) responsible for the attacks remains unclear. Shortly after the April attack, a hacker named Exodus claimed responsibility for the outage, alleging that he was paid $500 in Bitcoin by a client with a grudge against Rutgers to disrupt the university's computer systems. Exodus has since taunted Rutgers students and officials on both Reddit and Pastebin, and he has shared his thoughts on the university's outages in an interview with a tech blogger. However, it is nevertheless uncertain whether Exodus is responsible for any or all of the four targeted attacks Rutgers suffered during the 2014-2015 academic year or whether he is just a hoax. The Federal Bureau of Investigations, which assisted Rutgers following the targeted attack back in April, has not responded to requests to comment on its ongoing investigation of the incident.
Join over 20,000 IT security pros who get our top stories delivered to their inbox every week!