[186323] in North American Network Operators' Group
Re: Ransom DDoS attack - need help!
daemon@ATHENA.MIT.EDU (Anne Mitchell)
Thu Dec 10 09:40:55 2015
X-Original-To: nanog@nanog.org
From: Anne Mitchell <amitchell@isipp.com>
Date: Thu, 10 Dec 2015 07:40:45 -0700
To: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
Last year when this happened to several large providers, it was a =
cluster all around the same time, and it turned out that it was the same =
org hitting all of them. This quickly came to light as we (ISIPP) =
started coordinating with the targets, because the attacker was using =
the same gmail address for communicating with each target. We had a =
preservation demand served on Google (so they wouldn't delete the gmail =
account when the complaints started happening), and the Feds were =
quickly involved. In fact, the Basecamp group that I mentioned came out =
of that effort.
It seems that several of you here are now experiencing a similar ransom =
DDoS, all that the same time, so I would be very curious to know if this =
is similar - are the demands all coming from the same individual/email =
address? I'd very much like to know. Can each of you who is on the =
receiving end of this please send me the email address associated with =
the demands? (I'm on digest here, so even if you post it here, *please* =
also cc: me).
Anne
Anne P. Mitchell,=20
Attorney at Law
CEO/President, Institute for Social Internet Public Policy
Member, Cal. Bar Cyberspace Law Committee
Member, Colorado Cyber Committee
Member, Asilomar Microcomputer Workshop Committee
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam =
law)
Ret. Professor of Law, Lincoln Law School of San Jose
Ret. Chair, Asilomar Microcomputer Workshop
