Summary:
At 15:45 GMT+1 on 14 July 2025, our NOC detected a DDoS attack targeting parts of our network. The attack continued until 20:36 GMT+1. Due to the scale of the traffic, we nullrouted several subnets between 18:37 GMT+1 and 20:36 GMT+1 to keep the wider network stable.
Timeline (GMT+1):
-
15:45 – NOC identified abnormal traffic consistent with a DDoS attack
-
Immediate action – Filtering and mitigation began, attack was reduced to 3 Gbps throughout the entire network.
-
18:37 – Nullroutes were applied to impacted subnets
-
20:36 – Attack traffic dropped off; nullroutes were removed
Impact:
-
Services within the nullrouted subnets were unreachable for just under 2 hours
-
Some performance issues were observed earlier in the attack before routes were applied
Next Steps:
To improve resilience, we're taking the following actions in the coming days:
-
Bringing additional upstream carriers
-
Continuing to refine our DDoS detection and response systems
Due to this downtime we've extended the affected servers by 3 days. If you have questions or need assistance, please contact our support team via ticket.
