Women’s march The protests that sweeped America can evolve into a bigger movement
ru bioethics society The organization aims to open discussions on controversial scientific issues
SEE opinions, page 6
MEN’S BASKETBALL Knights and Pikiell earn first Big Ten win of the season
SEE sports, back
SEE science, page 8
WEATHER Rain and wind High: 43 Low: 39
Serving the Rutgers community since 1869. Independent since 1980.
rutgers university—new brunswick
Monday, january 23, 2017
Reporter identifies U. student as Denial of Service attack perpetrator
A prominent cybersecurity journalist identified School of Arts and Sciences sophomore Paras Jha as the perpetrator of a series of Denial of Service (DDoS) attacks, including ones that targeted Rutgers servers between 2014 and 2016. PHOTO ILLUSTRATION BY DIMITRI RODRIGUEZ / PHOTO EDITOR
Nikhilesh De News Editor
Over the course of two years, Rutgers University suffered from nearly a dozen Distributed Denial of Service (DDoS) attacks, which disrupted access to web services like Sakai, disabled internet access for anyone on campus and virtually crippled the school’s network infrastructure. Last week, cybersecurity reporter Brian Krebs alleged that School
of Arts and Sciences junior Paras Jha was the perpetrator of these DDoS attacks. Krebs said Jha is also the author of the Mirai botnet, which disabled websites and internet access around the world last year, and alleged that he is known online as “Anna-senpai,” who committed of dozens of Distributed Denial of Service attacks internationally. Robert Coelho, vice president of DDoS mitigation company ProxyP-
ipe Inc., confirmed that Jha is either Anna-senpai or is close to the coder. “Paras Jha is Anna-senpai. It is him or someone very, very close to him,” he told The Daily Targum in an email. “The idea ... was presented by me to the FBI (Federal Bureau of Investigations), who had the exact same suspicion. I told them some history and everything I knew, and they began their own investigation. I also confirmed it with Krebs. This was a few months ago.”
ONLINE AT DAILYTARGUM.COM Krebs first began investigating the Mirai botnet after his website was taken down by a massive DDoS attack, he said in his article. He noted similarities between the code composing Mirai and other types of malware he had seen previously. The use of these other botnets connected him with Coelho. A conversation with Coelho pointed him toward the theft of IP addresses from ProxyPipe by a cloud hosting company called FastReturn. This attack led Krebs to a programmer named Ammar Zuberi, the former owner of FastReturn. Zuberi left FastReturn to work for ProTraf Solutions, which Jha’s LinkedIn page says he is the president of. The only other employee ProTraf has is Josiah White, a known programmer and suspected malware author. In an interview with Krebs, Zuberi identified Jha as both Anna-senpai and “ogexfocus,” also known as “exfocus,” who claimed responsibility for the Rutgers attacks through Twitter and Reddit. “Zuberi said when he visited Jha at his Rutgers University dorm in October 2015, Paras bragged to him about launching the DDoS attacks against Rutgers,” according to Krebs’ article.
What happened at Rutgers?
Rutgers University was hit by nearly a dozen Distributed Denial of Service attacks over the course of two years, beginning in the fall 2014 semester. The most recent attack took place during the first day of the fall 2016 semester.
These attacks both prevented access to University websites and services from off-campus networks and degraded internet access to students, faculty and staff using RUWireless, Wireless Secure or ResNet. They ranged from only lasting a few hours to impacting the school for days at a time. The Department of Homeland Security and the FBI were both investigating the outages and their cause as of September 2015. A DDoS attack cripples network infrastructure by overloading it with requests. Under normal circumstances, University servers expect to receive and respond to a given number of requests, but a Denial of Service attack can overwhelm these servers by sending many times the expected number. In simpler terms, a DDoS attack is equivalent to the entire Scarlet Knights football team simultaneously tackling someone who was only expecting a handshake. Rutgers hired several mitigation companies to protect its servers in 2015, including Level 3 Network Security Services and FishNet Security, after the first five attacks. The attacks did not stop that year, though there were only three more disruptions that year, and only one in 2016. “Even if it wasn’t (Jha’s) decision to attack Rutgers, it would have been very easy for his friends around him to peer pressure him into doing it, particularly (Josiah White),” Coelho said. “(White) comes across in a very innocent light from Krebs’ article likely due to his cooperation, but he was See perpetrator on Page 5
Brodsky Center creates art rental program on campus Mary Berko contributing writer
Students can now add some cosmopolitan flair to their residence halls by renting artwork from PAW Prints, a program that makes professional artwork available for student living spaces. PAW Prints stands for Prints Available for Walls. The organization’s mission is to give students the opportunity to enjoy art, according to their website. Over 300 artists collaborated with the Brodsky Center to create this program. The center, which is housed inside of the Mason Gross School of the Arts, commissions artists to create “groundbreaking” work — primarily in print and paper mediums, according to their website. “We invite professional artists to come to our center and create work with us, which are exhibited at national art fairs, collected and exhibited by museums, sold to private collectors and loaned out across the Rutgers campus to different departments,” said Jennifer Lorenz, communications and program coordinator for the Brodsky Center.
Similar to renting a book from a library, students will be able to present their ID, pay a $5 membership fee to the Brodsky Center and choose from up to 20 different pieces of artwork. The students will own the artwork from Jan. 27 until April. 26, when all pieces will be returned to the center in pristine condition, according to the website. “We developed PAW Prints with the hope and intention of reaching out to students, giving them the opportunity to house professional, museum-quality artwork in their dorm or apartment,” Lorenz said. The Brodsky Center has been working with famous artists for over 30 years, with many of their pieces included in collections in the Metropolitan Museum of Modern Art, according to their website. PAW Prints will feature work by well-known artists William Kentridge, Lesley Dill, Kiki Smith, Joan Semmel and Sylvia Sleigh. Lesley Dill, a New York-based artist, said this is not the first time she has been involved with selling her art for a good cause.
PAW Prints, which is based out of Mason Gross School of the Arts, allows students to temporarily own professional artwork for their residence halls or living spaces. The program will use artwork that was created on campus. DIMITRI RODRIGUEZ / PHOTO EDITOR “I was involved in the Nasty Woman exhibit and all our works sold for $100,” Dill said. “All the proceeds are going to Planned Parenthood.” Accomplished artist and former Mason Gross School of the Arts faculty Joan Semmel said she was involved in a feminist portfolio called
“Femfolio” at Rutgers University. This portfolio brought together 20 female artists who lead the feminist art revolution during the 1970s, according to the Brodsky Center website. The works of these artists and others will be available to 20 students on a first come, first serve basis. All of
VOLUME 148, ISSUE 128 • University ... 3 • opinions ... 6 • Science ... 8 • Diversions ... 9 • SPORTS ... BACK
the pieces available for rent are originals and one of a kind, Lorenz said. “It’s first come, first served, so students may want to arrive early, especially to get (their) first pick,” Lorenz said. “The work is already framed and will come with instructions on how to safely install them.”