Re: Ransom DDoS attack - need help!

[Anne Mitchell <amitchell () isipp com>]

Last year when this happened to several large providers, it was a cluster all around the same time, and it turned out 
that it was the same org hitting all of them.  This quickly came to light as we (ISIPP) started coordinating with the 
targets, because the attacker was using the same gmail address for communicating with each target.  We had a 
preservation demand served on Google (so they wouldn't delete the gmail account when the complaints started happening), 
and the Feds were quickly involved.  In fact, the Basecamp group that I mentioned came out of that effort.

It seems that several of you here are now experiencing a similar ransom DDoS, all that the same time, so I would be 
very curious to know if this is similar - are the demands all coming from the same individual/email address?  I'd very 
much like to know.  Can each of you who is on the receiving end of this please send me the email address associated 
with the demands?  (I'm on digest here, so even if you post it here, *please* also cc: me).

Anne

Anne P. Mitchell, 
Attorney at Law
CEO/President, Institute for Social Internet Public Policy
Member, Cal. Bar Cyberspace Law Committee
Member, Colorado Cyber Committee
Member, Asilomar Microcomputer Workshop Committee
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Ret. Professor of Law, Lincoln Law School of San Jose
Ret. Chair, Asilomar Microcomputer Workshop