In all seriousness though, the reason why services end up under DDoS attacks are wide and sometimes complex.
There is a likelihood that someone is simply upset at these services, or that there was a coordinated effort against source control programs more generally but its only succeeding against these two (that we're aware of), but not say, GitLab / GitHub.
Another example: they may be targeted simply due to traffic and volume, and this is an attempt to "dry run" DDoS techniques that may be used against bigger sites down the road too.
There's alot of room for why these things happen. I've learned that motivations and execution is very wide.
Another reason is hosted content that someone really wants gone from the internet.
Of course the efficacy of attacking a service with lots of content is questionable, but the plan is to put on so much pressure that the service removes the content.
I know of some projects that were on Github and received cease and desist letters. So they moved their project to one of these other repos. It is entirely possible but of course only speculation.
You would think so, but then I just read about eBay executives sending cockroaches & spiders, funeral/grieving-related items and a bloody pig mask to a couple that wrote some not-so-positive reviews about that company…
You should be using a phase diagram rather than a venn diagram here. It depends on persistence or tenacity of the adversary. Legal and administrative measures is the first phase. If that fails to deter adversary, non-traditional and perhaps extrajudicial measures can be employed.
In all seriousness though, the reason why services end up under DDoS attacks are wide and sometimes complex.
There is a likelihood that someone is simply upset at these services, or that there was a coordinated effort against source control programs more generally but its only succeeding against these two (that we're aware of), but not say, GitLab / GitHub.
Another example: they may be targeted simply due to traffic and volume, and this is an attempt to "dry run" DDoS techniques that may be used against bigger sites down the road too.
There's alot of room for why these things happen. I've learned that motivations and execution is very wide.