Unfortunately, we didn't receive a clear indication that an attack was ongoing, as none of our monitoring systems indicated higher-than-normal load. Since the attack consisted of extremely small but numerous data packets, it only affected our cloud provider's network, which we didn't directly monitor. We have now added additional monitoring to be notified of this type of attack on our cloud provider.
Unfortunately, network attacks are something that cannot be avoided. However, there are measures to minimize disruptions when they occur. Many attacks can be easily stopped if they originate from one or a few external addresses. In cases like this, with attacks from millions of addresses simultaneously, it's not always possible to avoid disruptions.
It's also the case that an attack usually has a specific target but can affect seemingly unrelated sites because some network resources and addresses are shared. Therefore, it's important to identify the attack's target and remove it. We have now identified the target of the attack and removed it.
To counteract similar disruptions in the future, we have also developed better solutions for quickly changing the IP addresses for affected sites, which bypasses the issues more rapidly.
However, to change IP addresses, access to a site's A-records or proxy settings is required. In cases where we don't have this access, we will, if necessary, notify site owners as soon as possible about the actions they need to take to change their IP address.
We apologize for any inconveniences this has caused.