Paras Jha of New Jersey along with two others -- Josiah White of Pennsylvania and Dalton Norman of Louisiana -- also admitted on Wednesday to creating and operating two botnets which targeted "Internet of Things" (IoT) devices, the US Justice Department said.
A botnet is a network of private computers infected with malicious software and controlled as a group without the knowledge or permission of the computers' owners. The multiple cyber attacks were launched between November 2014 and September 2016.
"Paras Jha has admitted his responsibility for multiple hacks of the Rutgers University computer system," Acting US Attorney Fitzpatrick said.
"These computer attacks shut down the server used for all communications among faculty, staff and students, including assignment of course work to students, and students' submission of their work to professors to be graded.
"The defendant's actions effectively paralyzed the system for days at a time and maliciously disrupted the educational process for tens of thousands of Rutgers' students," said Fitzpatrick.
"The defendant has admitted his role in this criminal offence and will face the legal consequences for it," he added.
Jha pleaded before US District Judge Michael Shipp in New Jersey's Trenton federal court to violating the Computer Fraud & Abuse Act.
He executed a series of attacks on the networks of Rutgers University that shut down the institution's central authentication server, which maintained, among other things, the gateway portal through which staff, faculty and students delivered assignments and assessments.
According to court documents, Jha succeeded in taking the portal offline for multiple consecutive periods, causing damage to Rutgers University, its faculty and its students.
The count to which Jha pleaded guilty is punishable by a maximum of 10 years in prison and a fine of $250,000 or twice the gross amount of any pecuniary gain or loss derived from the offence. His sentencing is scheduled for March 13.
On December 8, Jha, White and Norman pleaded guilty to criminal information in the district of Alaska charging them each with conspiracy to violate the Computer Fraud & Abuse Act in operating the Mirai Botnet.
The Mirai Botnet targeted IoT devices -- non-traditional computing devices connected to the Internet, including wireless cameras, routers and digital video recorders.