Kip Lynch ’22
Trinity College began experiencing numerous issues with its servers and network devices on Saturday, Sept. 12. Vice President for Information Services and Chief Information Officer Suzanne Aber first informed the student body of systems interruptions via email on Sept. 12 before revealing the following day that the systems interruptions were the result of a “sophisticated cyberattack.” The main campus Wi-Fi network, “eduroam,” would not be restored until the night of Wednesday, Sept. 16. A Cyber Alert brief by the Connecticut Intelligence Center, obtained by the Tripod, revealed that Trinity College may be one of eight school systems that were targeted by cyberattacks during the week of Sept. 6.
Suzanne Aber first informed the Trinity community of the systems interruptions in the late morning of Saturday, Sept. 12, stating that “IT Services is currently experiencing sporadic issues with a number of servers and network devices.” She updated the Trinity community later that day, revealing that the ITS team expected services to be impacted through the evening of Sept.12. The following evening, Aber would reveal that the ITS team was responding to a cyberattack. She further stated that “we caught the attack early and do not believe any personal or institutional data was accessed.” The Tripod would later speak to Chief of Staff and Assistant Vice President for External Affairs Jason Rojas. On when the administration first learned that the internet issues were the result of a cyberattack, he stated that “Our staff continue to do our due diligence in gathering information on the nature and impact of the disruption. Once we determined we had a clearer understanding of the situation we informed the campus community.” On whether the administration could state with certainty that personal or institutional information wasn’t stolen, Rojas stated that “We continue to review the matter and will provide an update when we have additional information to share.” Additional updates on the security of personal information have not been provided.
In an email sent to the student body in the evening of Sept. 14, Suzanne Aber informed the student body that the ITS team was working with two cybersecurity companies and that “significant progress was made today in ensuring that the quality of our infrastructure is in place to allow us to start bringing services online tomorrow.” Changing priorities and delays would result in the network being restored two days later. Although no specific cybersecurity company was mentioned, Trinity College has highlighted its relationship with alumnus Matthew Prince ’96, CEO and Co-founder of Cloudflare, and previously hosted a Zoom meeting between him and President of the College Joanne Berger-Sweeney on May 27, 2020. Founded in 2009, Cloudflare is notable for mitigating some of the largest ever recorded DDoS cyberattacks as well as for its pro-free speech stance.
According to a Cyber Alert brief, obtained by the Tripod through an anonymous source, “eight (8) different school systems in the State of Connecticut were targeted with DDoS attacks.” The brief further stated that “It is common to see a rise in DDoS attacks being carried out against schools at the commencement of a school year, or after an extended break. Additionally, the implementation of remote learning environments has not only made many more schools more vulnerable to DDoS attack, but also created an environment where successful attacks are even more disruptive.” It is not immediately known whether Trinity is included in the tally of school systems targeted with DDoS attacks. It is also unclear whether Hartford Public Schools, which also experienced a DDoS attack forcing the school system to postpone the start date by one day, is also included in the tally.
A distributed denial-of-service attack, otherwise known as a DDoS attack, is a cyberattack where a perpetrator floods a targeted machine or resource with requests from an array of sources.
The Tripod reached out on Sept. 18 for further clarification to the administration’s previous comments, which went unacknowledged by Rojas as of publication Monday evening.