ONF Wiki Attack - Notice to Community
Michelle Roth
Dear ONF Community,
As of yesterday (Nov 6th), it appears that ONF’s main wiki sites have been subject to a ransomware attack. The attacker has encrypted the sites, and as a result the following sites have now been taken offline:
The good news is that wikis are not primary collaboration platforms for ONF projects nor is project documentation generally served by the wikis (documentation is typically found at docs.<project>.org).
The bad news is that we are not expecting to be able to restore the wikis as we only have older backups. Any restored data will have lost the last year of updates, so we don’t think this would be of much value to the community. And since we don’t believe the wiki sites have been particularly active, we are not planning to restore these dated copies of the sites.
We want to hear from you if there is wiki data or archives that you believe to be of high importance. We’re not sure that we would be able to restore items you might identify, but we’d like to identify where we have been impacted, and we may be able to help point you to alternatives or more recent sites that provide equivalent information.
Please report important lost wiki content to either:
Also - a possible vulnerability from this attack would be password mining. If you tried to login to our wiki site anytime since last Friday, Nov 3, it is conceivable that you were presented with a password capture site that collected your ONF account password.
We strongly recommend that you update the password for your ONF account.
Enter your user name
You will be sent a password recovery email. Follow this link to create a new password
If you have trouble resetting your password, please contact sup...@opennetworking.org
We want to share our sincere apologies. We understand our collaboration tools are of significant importance to our community, and we’re very sorry to have this attack impacting our community and the important work of our projects.
Sincerely,
The ONF Team
Michelle Roth
On Nov 8, 2023, at 12:02 PM, Vachuska, Tom <tom.va...@intel.com> wrote:I concur with Andrea’s assessment. Majority of the content dates to several years back during the height of the ONOS (and its apps) development and even though the loss of last year of updates is unfortunate, there is still a lot to gain from reinstating the old content.ThomasOn 11/8/23, 5:36 AM, "onos-a...@opennetworking.org" <onos-a...@opennetworking.org> wrote:
Hi Michelle, AllI do am really sorry the wiki got attacked and that it resulted in loosing data. It's never a nice thing to happen.I strongly object to not resurrecting the wikis, even with 1 year old content. Especially the ONOS project has all of its data and content on the wiki, not on a docs site. The wiki.onosproject.org was still the one stop shop for the large community of ONOS developers.I would encourage you to recover the wiki pages from whatever backup you have and make a pledge to the community to re-integrate all the content that they feel has been lost.If there is anything I can assist you in to achieve this result please let me know, but not recovering at least the wiki.onosproject.org is un-acceptable, it will mean the total end of any work done on ONOS, which is still widely used.Thanks,Andrea Campanella -- Intel
On 7 Nov 2023, at 16:13, Michelle Roth <mich...@opennetworking.org> wrote:
Dear ONF Community,As of yesterday (Nov 6th), it appears that ONF’s main wiki sites have been subject to a ransomware attack. The attacker has encrypted the sites, and as a result the following sites have now been taken offline:The good news is that wikis are not primary collaboration platforms for ONF projects nor is project documentation generally served by the wikis (documentation is typically found at docs.<project>.org).The bad news is that we are not expecting to be able to restore the wikis as we only have older backups. Any restored data will have lost the last year of updates, so we don’t think this would be of much value to the community. And since we don’t believe the wiki sites have been particularly active, we are not planning to restore these dated copies of the sites.We want to hear from you if there is wiki data or archives that you believe to be of high importance. We’re not sure that we would be able to restore items you might identify, but we’d like to identify where we have been impacted, and we may be able to help point you to alternatives or more recent sites that provide equivalent information.Please report important lost wiki content to either:Also - a possible vulnerability from this attack would be password mining. If you tried to login to our wiki site anytime since last Friday, Nov 3, it is conceivable that you were presented with a password capture site that collected your ONF account password.We strongly recommend that you update the password for your ONF account.
2. Enter your user name3. You will be sent a password recovery email. Follow this link to create a new password4. If you have trouble resetting your password, please contact sup...@opennetworking.org
We want to share our sincere apologies. We understand our collaboration tools are of significant importance to our community, and we’re very sorry to have this attack impacting our community and the important work of our projects.Sincerely,The ONF Team
--
You received this message because you are subscribed to the Google Groups "VOLTHA Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to voltha-discus...@opennetworking.org.---------------------------------------------------------------------
INTEL CORPORATION ITALIA S.p.A. con unico socio
Sede: Milanofiori Palazzo E 4
CAP 20094 Assago (MI)
Capitale Sociale Euro 104.000,00 interamente versato
Partita I.V.A. e Codice Fiscale 04236760155
Repertorio Economico Amministrativo n. 997124
Registro delle Imprese di Milano nr. 183983/5281/33
Soggetta ad attivita' di direzione e coordinamento di
INTEL CORPORATION, USAThis e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.--
You received this message because you are subscribed to the Google Groups "ONOS Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to onos-announc...@opennetworking.org.
To view this discussion on the web visit https://groups.google.com/a/opennetworking.org/d/msgid/onos-announce/E663588D-7350-4B0F-9031-239E447923CE%40intel.com.
Ong, Lyndon
Hi Michelle,
We agree with Thomas and Andrea and also there is a significant impact to the OTCC and OIMT projects as well as IISOMI (which is not included in the copy to list and should be – iis...@opennetworking.org) from the loss of the past year’s wiki updates.
Lyndon
From: Michelle Roth <mich...@opennetworking.org>
Sent: Wednesday, November 8, 2023 12:31 PM
To: Vachuska, Tom <tom.va...@intel.com>
Cc: Campanella, Andrea <andrea.c...@intel.com>; sup...@opennetworking.org; aether-...@opennetworking.org; ambas...@opennetworking.org; cord-d...@opennetworking.org; omec-a...@opennetworking.org; onos-a...@opennetworking.org;
informatio...@opennetworking.org; Open Networking Foundation <in...@opennetworking.org>; opticalt...@opennetworking.org; p4-...@opennetworking.org; pins-a...@opennetworking.org; sdcore-...@opennetworking.org; sdfabric...@opennetworking.org;
sdran-a...@opennetworking.org; seba...@opennetworking.org; smart5g-...@opennetworking.org; stratum-...@opennetworking.org; transp...@opennetworking.org; trell...@opennetworking.org; voltha-...@opennetworking.org; wireless-...@opennetworking.org
Subject: [**EXTERNAL**] Re: ONF Wiki Attack - Notice to Community
Hi Thomas and Andrea,
Thank you for your feedback, it is very helpful. We are continuing to work on the issue, including on restoring an older back up of the ONOS wiki. We’ll keep you posted on any new updates.
Warm regards,
-Michelle
Michelle Roth
Open Networking Foundation
On Nov 8, 2023, at 12:02 PM, Vachuska, Tom <tom.va...@intel.com> wrote:
I concur with Andrea’s assessment. Majority of the content dates to several years back during the height of the ONOS (and its apps) development and even though the loss of last year of updates is unfortunate, there is still a lot to gain from reinstating the old content.
Thomas
On 11/8/23, 5:36 AM, "onos-a...@opennetworking.org" <onos-a...@opennetworking.org> wrote:
Hi Michelle, All
I do am really sorry the wiki got attacked and that it resulted in loosing data. It's never a nice thing to happen.
I strongly object to not resurrecting the wikis, even with 1 year old content. Especially the ONOS project has all of its data and content on the wiki, not on a docs site. The wiki.onosproject.org [wiki.onosproject.org] was still the one stop shop for the large community of ONOS developers.
I would encourage you to recover the wiki pages from whatever backup you have and make a pledge to the community to re-integrate all the content that they feel has been lost.
If there is anything I can assist you in to achieve this result please let me know, but not recovering at least the wiki.onosproject.org [wiki.onosproject.org] is un-acceptable, it will mean the total end of any work done on ONOS, which is still widely used.
Thanks,
Andrea Campanella -- Intel
On 7 Nov 2023, at 16:13, Michelle Roth <mich...@opennetworking.org> wrote:
Dear ONF Community,
As of yesterday (Nov 6th), it appears that ONF’s main wiki sites have been subject to a ransomware attack. The attacker has encrypted the sites, and as a result the following sites have now been taken offline:
The good news is that wikis are not primary collaboration platforms for ONF projects nor is project documentation generally served by the wikis (documentation is typically found at docs.<project>.org).
The bad news is that we are not expecting to be able to restore the wikis as we only have older backups. Any restored data will have lost the last year of updates, so we don’t think this would be of much value to the community. And since we don’t believe the wiki sites have been particularly active, we are not planning to restore these dated copies of the sites.
We want to hear from you if there is wiki data or archives that you believe to be of high importance. We’re not sure that we would be able to restore items you might identify, but we’d like to identify where we have been impacted, and we may be able to help point you to alternatives or more recent sites that provide equivalent information.
Please report important lost wiki content to either:
Also - a possible vulnerability from this attack would be password mining. If you tried to login to our wiki site anytime since last Friday, Nov 3, it is conceivable that you were presented with a password capture site that collected your ONF account password.
We strongly recommend that you update the password for your ONF account.
To view this discussion on the web visit https://groups.google.com/a/opennetworking.org/d/msgid/onos-announce/E663588D-7350-4B0F-9031-239E447923CE%40intel.com [groups.google.com].
--
To unsubscribe from this group and stop receiving emails from it, send an email to
transport-ap...@opennetworking.org.
Timon Sloane
Thanks,
Ong, Lyndon
You have some very unhappy people.
From: Timon Sloane <ti...@opennetworking.org>
Sent: Thursday, November 9, 2023 9:57 AM
To: Ong, Lyndon <ly...@ciena.com>
Cc: Michelle Roth <mich...@opennetworking.org>; sup...@opennetworking.org; informatio...@opennetworking.org; Open Networking Foundation <in...@opennetworking.org>; transp...@opennetworking.org; wireless-...@opennetworking.org
Subject: Re: [**EXTERNAL**] Re: ONF Wiki Attack - Notice to Community
Lyndon - we understand the significant impact this is having. Unfortunately it looks like we don't have a backup that will have the last year of updates. The groups you mention (OTCC, OIMT, IISOMI) have been identified as some of the more directly impacted communities who have been regularly updating the wiki over the last year, so we're actively looking for alternative ways to recover data for these groups.
You could help us if you could please take a the following public web archive site to if may have captured data that you'd want to make sure to save:
Ong, Lyndon
Dear Timon, Michelle,
We would like to register that we are extremely unhappy with the situation with the ONF wiki and how the wiki has been managed and supported. We understand that cyberattacks such as the ransomware attack will happen but it seems to us that the response to this attack and the measures in place to restore service are not satisfactory. Furthermore we found the email that was sent out to be very inaccurate and dismissive with regards to our projects.
In the email it states “The good news is that wikis are not primary collaboration platforms for ONF projects nor is project documentation generally served by the wikis (documentation is typically found at docs.<project>.org).” Unfortunately this is not in fact the case for the OIMT, OTCC and IISOMI projects which have been using the wiki to store incoming contributions, liaisons and meeting notes that have now been lost, including with them current roadmaps for work planning for 2024. If the view in ONF was that no one was using the wiki this was not an accurate view and perhaps this contributed to the lack of attention and resources that seems to have allocated to the support of the wiki. If ONF was no longer planning on supporting the wiki this should have been made clear to us earlier so that we had an opportunity to move to a different platform.
We find it very hard to understand why the most recent backup ONF believes it can restore is from as far back as a year ago. Why were no more recent backup versions of the wiki being kept? We disagree very much with the assessment that “we don’t think this [restoring an earlier version] would be of much value to the community”, we would still find this very valuable for our work. The wiki is one place that people know they can go to for access to current discussions, meeting schedules and details, and links to work repositories. Also we completely disagree with the assessment that “we don’t believe the wiki sites have been particularly active” as OIMT, OTCC and IISOMI have been making regular updates to the wiki (as you later noted) and rely on it to keep track of progress.
It’s not particularly helpful for ONF to “point us to alternatives or more recent sites that provide equivalent information.” Members have already been searching web archives on their own, but can only find limited archives with the most recent being the beginning of 2023. Furthermore it is very disappointing to be told that we should be looking to free services from the web for our backup. We don’t ask for much out of ONF but we would like at least some more support out of the membership dues that we pay.
- We would like to request that ONF attempts to restore an earlier version of the wiki at least for our projects, with the most recent information that can be restored.
- We would like to understand ONF’s timetable for making the wiki or a similar platform available for the immediate future for our projects to use. Currently we have no place to post contributions and meeting notes or track further progress in our projects and we are having to cancel meetings and stop work.
- We would like to understand if we can rely on ONF to provide a stable and supported platform for collaboration for the longer term or if we need to look for another method or platform to continue the work.
Sincerely,
Lyndon Ong, OTCC Project Lead
Kam Lam, Nigel Davis, OIMT Project Leads
Timon Sloane
Timon
Timon Sloane
General Manager
Ong, Lyndon
Hi Timon,
Thank you for the response, the general outbound message was read as “the wiki was attacked and is no longer available, but luckily for ONF no one of importance was using it any more and so we don’t need to bother about restoring it”, which naturally caused some upset in the groups.
It will be very helpful if you can restore the wikis and keep the restored sites secure and able to be used, it’s most unfortunate that more recent copies do not seem to be available. We’ll be very interested in the plan going forward.
BR,
Lyndon
From: Timon Sloane <ti...@opennetworking.org>
Sent: Friday, November 10, 2023 10:57 AM
To: Ong, Lyndon <ly...@ciena.com>
Cc: Michelle Roth <mich...@opennetworking.org>; sup...@opennetworking.org; informatio...@opennetworking.org; Open Networking Foundation <in...@opennetworking.org>; transp...@opennetworking.org; opentr...@opennetworking.org
Subject: [oimt] Re: [**EXTERNAL**] Re: ONF Wiki Attack - Notice to Community
Lyndon/Kam/Nigel,
I understand this is having a significant impact on the OTCC and OIMT groups. Please know that we recognized from the onset that your community was the most likely to have been significantly impacted, and as such I asked Michelle to reach out to you first even as we were struggling to understand the extent of the attack and before we communicated to other groups. The general broad outbound message was not meant to minimize the impact this attack is having on this particular group.
We are working now to restore the most recent copies of the ONF and ONOS wikis that we can reliably trust. The infiltration was significant, so we are trying to get back to a stable and safe state. We are also actively working with Atlassian to ensure the restored sites will be secure and sufficiently patched. Once we get the best possible copy of the sites back up, we'll take a further assessment and determine the best path forward.
Our team's current estimate is to have the ONF site back by Monday. We will keep you informed.
Thanks,
Timon
___________________________________________________
Timon Sloane
General Manager
--
You received this message because you are subscribed to the Google Groups "Open Information Model & Tooling" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
information-mode...@opennetworking.org.
To view this discussion on the web visit
https://groups.google.com/a/opennetworking.org/d/msgid/information-modeling/CAKjgt7PzaGovc7Su5T%2BgtDUks7FtEqOMvPzYGwFPicd_2%2BGdqA%40mail.gmail.com [groups.google.com].
Ong, Lyndon
BTW, the IISOMI project was also very badly impacted, perhaps even more than the other projects – please try and capture any IISOMI material also as you attempt to restore the needed parts of the ONF wiki.
BR,
Lyndon