On the criminal aspect: I hope that the incident has been reported to the police. While the chances of the criminal being caught are slim, on the other hand they haven’t shown a lot of competence up to now, so who knows.
Are you talking about the criminals or the police?
Hi,
has the DDoS attack been solved? i have no problems to use OSM right now
regards
walter
It’s a pity the log_in server is just one and no parallel exists for the purpose of serving the community forum. I logged out just before reading ‘do not log out as you cant log in’, To me the community forum is the one place where to signal where something is awry. The DDos certainly resulted in complete shutout for me. Thinking about it, the DDos could even be a front for something sinister being run in the back, more well wishes for Andy.
We have 3x primary and 2x backup “log_in” servers. Today was a very unusual day for the Ops team with a DDOS flooding our entire ISP uplink. 12000 Mbps.
I take that for granted … thanks, mate, to you and the Ops team!
The incident has been reported to the UK’s National Cyber Security Centre. https://www.ncsc.gov.uk/
Evidence includes ransom emails received, DDOS rate (Req/s and Mbps) and other relevant details.
I am considering also reporting the incident to https://www.ncsc.nl/ as our servers are located in the Netherlands. Our Ireland servers were also briefly attacked.
Update: Also reported to ActionFraud on recommendation from NCSC.gov.uk