Ransom DDoS attack - need help!

Sorry this is so late, I get NANOG in Digest Mode...

I would really appreciate help in a few areas (primarily with certain
provider contacts/intros) so we can execute our strategy (which I can't
reveal here for obvious reasons). If you email me off-list with a
name/email that you've previously used on-list, I will reply from my real

Alternatively, if you can post your experiences on-list with large scale
high profile ransom DDoS attacks, I'd really appreciate it!

Please contact me offlist, and I will introduce you to the person who says the below - they are from $ENORMOUS-ESP, and were deeply involved in the efforts during last year's rounds of ransom DDoSs which saw many different targets coordinating in fending off the attacks (and working with the FBI). The basecamp group to which he refers is the group of all of the different NOC and architect folks from the various companies, who strategized together, and all of their info is still there. I'm familiar with this all as I was part of the coordination efforts, as so many of the targets also happened to be customers of ours and, you know, lawyer. :wink:

He says:

"I'm happy to invite him to the basecamp if he wants access, just need his email.

Otherwise, feel free to share with him that others ended up using prolexic OR whatever the other large provider is out there. that seems to be the universal solution if they don't want to buy gear and roll their own solution. Amazon and Google cloud environments aren't impervious from this stuff, but they are getting better, and using some of the same technology."