Not tremendously helpful attitude this. You never know, perhaps Janet will protect every UK education institution with Arbour in future... Or schedule monthly DDoS tests against us all. I doubt.
Attitudes of those involved are much more clearly identified here: http://uk.businessinsider.com/talktalk-hack-vamp-c-glubz-hackers-interviews-2015-11 >>> On 10/12/2015 at 12:06, in message <[email protected]>, "Graham L. Stewart" <[email protected]> wrote: > Got to say though if you have a sustained DDoS you can’t mitigate in over 24 > hours you should probably have bought in to Arbour or similar a while ago. > Everyone is being very nice around the situation but its really not > acceptable to have had the downtime. I know my commercial customers wouldn’t > accept that. I know of networks able to mitigate even large DDoS attacks in > an hour. Sounds like they didn’t have a plan or if they did it wasn’t tested > well. > > > > Graham > > > > On 10/12/2015, 11:19, "Tim Chown" <[email protected]> wrote: > > >> On 9 Dec 2015, at 17:44, Keith Mitchell <[email protected]> wrote: > >> > >> On 12/09/2015 07:37 AM, Pete Stevens wrote: > >>> Either way, it's a gentle push to suggest that if some accurate and > >>> helpful information could be released to the community / public, it > >>> might be helpful to do so sooner rather than later to counter > >>> misinformation that is already out in the public domain. > >> > >> Indeed, in the absence of detailed public statements, analyzable data > >> would be a good thing. What's baffling me about these attacks is the > >> motivation - it's very much the season for online shopping extortion > >> attacks, and what happened to the root last week suggests there's a lot > >> of DDoS generally going on right now, but its not clear what's to be > >> gained from taking out academic infrastructure. I hope it's not some > >> deadline-shy undergrad using a booter site to avoid their assessments > >> ("the DoS ate my homework"...), but sadly such things are not > >> inconceivable these days. > > > >It seems very likely to me that in cases such as this there are > sensitivities around the disclosure of any specifics around the attack, esp. > when the attack may still be considered ongoing, mitigations are being > deployed, or there is a non-negligible risk of the attack resuming. > > > >Being at a university, I know that university IT dept contacts have been > kept in the loop with periodic updates, which is very welcome. > > > >So it may be that some details are published in due course, but I fully > understand why that is not the case yet. The only problem then of course is, > as Pete implies, the age old issue of nature abhorring a vacuum, and junk > rumours / stories emerging and being published in various press outlets. It’s > a tricky balance. > > > >Tim > > Mae'r e-bost hwn ac unrhyw ffeiliau atodedig yn gyfrinachol ac at sylw'r unigolyn neu'r sefydliad a enwir uchod. Bydd unrhyw farn neu sylwadau a fynegir yn perthyn i'r awdur yn unig ac ni chynrychiolant o anghenraid farn Coleg Sir Gâr. Os ydych chi wedi derbyn yr e-bost hwn ar gam, rhowch sylw i'r gweinyddwr ar y cyfeiriad canlynol: [email protected] Cysidrwch yr amgylchedd - a oes wir angen argraffu'r ebost hwn? This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Coleg Sir Gâr. If you have received this email in error please notify the administrator on the following address: [email protected] Please consider the environment - do you really need to print this email?.
