October 16, 2024 at 03:32AM
The Internet Archive is gradually recovering from a DDoS attack on October 9, followed by a data raid. While some services, including the Wayback Machine, are operational, users may experience fluctuating homepage displays. No attackers have been identified, and concerns remain about the leaked data of 31 million users.
### Meeting Notes Takeaways
1. **Current Status of Internet Archive**:
– The Internet Archive has resumed operations in a limited capacity after a DDoS attack on October 9.
– The homepage intermittently displays in a basic mode or a more typical home page format, but with missing items.
2. **Restoration Progress**:
– As of October 13, Brewster Kahle, the digital librarian, informed that services are gradually coming back online, including email.
– By October 14, the Wayback Machine service was confirmed to be operational, though work continues to restore all archive items and services safely.
3. **Details of the DDoS Attack**:
– Netscout reported the DDoS attack lasted approximately three hours and twenty minutes, peaking at around five gigabits per second.
– The attack targeted three IP addresses and involved TCP RST floods and HTTPS application layer attacks, mostly from devices identified as Mirai variants.
4. **Traffic Sources**:
– The majority of DDoS traffic originated from IoT and home entertainment devices located mainly in Korea and China, with additional traffic from Brazil.
5. **Lack of Attribution and Future Precautions**:
– No specific actors behind the DDoS attack have been identified.
– Details regarding the incident, including preventive measures being taken to safeguard user data and services from future incidents, have not yet been disclosed, though there is high public interest.
6. **User Concerns**:
– There are significant concerns from the 31 million users whose data was leaked, as well as from the broader community of Internet Archive users regarding security and transparency.