Outage: General DDoS on edpnet services

Dear customers,

We are currently experiencing an distributed denial of service attack (DDoS) on all of our services. This may cause you to experience problems with all of our services.  Our Network Operations team is investigating this outage.  Further updates will be released as soon as possible.

Please find all details below:

Start*: 15-09-2021 16:15
End*: TBC
Duration: TBC
Impacted services: All services are impacted
Affected Areas**: All areas

EDIT 16:44*: As soon as we identified the issue, we have started routing our data through a scrubbing service (which tries to identify harmful sources & data and removes it).

EDIT 17:19*: The situation seems to be improving as we identify more and more attack vectors and sources. It seems like for most impacted customers, the situation has improved markedly since approximately ~17h.

EDIT 16/09/2021 10:12*: During the night we had two more attacks. We are working with the authorities, who have confirmed they are looking into it and are doing everything in their power to find the responsible individuals. We were contacted by an individual who verified he was behind the attacks, asking for a ransom.

EDIT 13:18*: We are being DDoS’ed again. We are doing what we can to mitigate the issues.

EDIT 15:41*: The attacks are still on-going. To give you a perspective of what we are dealing with, this is what our filtering service has been able to filter out so far:

EDIT 16:39*: We are monitoring the situation closely, and are discussing the situation both with our anti-DDoS provider and Belgian official instances. We hope to improve the situation as soon as possible and will keep you in the loop of our progress.

EDIT 17/9 15:47*: The attacks have started again. All of our uplinks are entirely congested. We are trying to mitigate the DDoS once more.

EDIT 18/09 12:41*: Yesterday evening and past night we were hit with multiple attacks.  Currently no attacks since 03:00. We still expect more attacks to come.  We are monitoring 24/7.  And we will communicate accordingly.  We try to answer questions or comments on social media as good as we can.

We apologize for the inconveniences.

Best regards
The edpnet team

*All times are listed in CET, Central European Time
** Check the different areas & zones on our support site

Comments

  1. Indeed Zoom Meeting and Remote Sessions lost in 03 Area 16/9 13h30

  2. Can’t attend any meeting and lots of websites fail to open.

    • Our apologies. We are doing what we can to identify the responsible individual(s) and to mitigate the impact of the issues. However, due to the size of the attack, at the moment, not much can be done.

  3. Out of interest – how much ransom are they asking?

  4. I have not been able to work for two hours today and more yesterday, what will you do to mitigate the attack? other than trying to find the person in charge because with this approach we are still here in 1 month i think.

  5. Yah my steam is constantly disconnecting from the friendschat region Antwerp,and when I did a Pingtest I get like 800 ping etc

  6. I know this is hard on you guys.
    I have been under attack myself in the past and it’s no joke when is happen.
    Today my servers have fail2ban and blacklist with ip-set.

    Ther script can be found here: https://github.com/trick77/ipset-blacklist

    It does help automaticly remove bad IP’s that such nutters use to attack.
    For me it works.

    Good luck guys!

    • Hey Bas, thanks for the tip! Unfortunately, since the severity is almost immeasurable, this is not a viable alternative. We are looking into improving our DDoS protection suite in any case.

  7. good luck guys, seems to be a bit better or more stable now but hopefully there is a solution soon.

  8. They don’t only attack an ISP or a government, to a lesser extent, they also attack all the people living from. Maybe some of them really suffer from it. Those guys are totally selfish, dishonest and avid. Internet originally, was always linked to the democraty and neutral values. And in Belgium, you actually gave us a little bit more freedom (unlimited) and performance (for upload) in a budget to develop us online as individual, so you really don’t deserve this. They just deserve the jail, and no more Internet connection, of course !

    Good luck tech guys, I think about you as “surfer enthusiast” (back in 1998, I was the only surfer of the school with a 56k (44k max line in real) modem, time changed positively hehe).

    Regards.

  9. People, don’t forget that in a case such as this, you can activate your phone’s hotspot and connect to it with your laptop. Not a long-term solution, but great to be able to continue your work.

  10. I appreciate that you don’t pay the ransom. Is it one in btc or a more untraceable cryptocurrency like xmr?

  11. Can I suggest that you look at getting a direct interconnect with AWS given the amount of services that run off their platform. Would allow a lot of services to continue operating for your clients while you are under attack.

  12. Can we have an update on the situation today? Is the attack still persisting?

  13. Hi guys,
    can we get an update on the situation for today, and a forecast of the risk for this weekend?
    thanks

  14. update? Out of interest 🙂

  15. For those who have important business to conduct, looks like a VPN could work. While zoom was indeed unavailable via edpnet at times, the Firefox VPN via the Brussels server allowed me to reach zoom.

  16. so euhm… i just got a ban in overwatch competitive cause the ddos disconnected me from the game and i cant reconnect

  17. May I ask what level of attack this is?
    As level 3 is hard to defend.
    But I do notice that upload (my major usage because of websdr) is unaffected.
    It only seems to be inbound traffic.

    Please tell us more, maybe some of us have dealed with such in the past.
    You never know.

    Whatever the attack is, they can not keep this up as peers will become costly especially those in the USA.
    Also, hosters will/should see their traffic goto the roof, that will be expensive too.

    This kind of attack is impossible to maintain for very long unless these criminals have very deep pockets.

    In my opinion, if it can’t be avoided, you have to sit it out.

    If you need funding to sit it out, I’m prepared to donate some money to help you fight these morons.

    People that do this are criminals and should never be paid for their actions, prison is the only place they deserve.

  18. Keep up the fight, team!

  19. Like Laurent posted earlier,i got a more stable internet using a vpn i myself use expressvpn and connect it to brussels, yeah your internet might be a tad bit slower,but i’m not getting disconnections from places and a lot less packet loss :/ good luck EDPnet, it might be time to contact some white knight hackers yourself to figure out who and where it is coming from. this aint no easy job to do DDOSing a whole freaking internet provider

  20. Looks like the attacks started again as ping to e.g. cnn.com are way up and 60% dataloss.
    Also I can not connect to NetBSD repositories, it halted a few minutes ago.

  21. started again it seems now,couldnt connect to game servers,using a vpn to NL to keep it somewhat managable

Leave a Reply

Your email address will not be published / Required fields are marked *