Avsim wasn't a bank....
Avsim was never exactly cashed up, and despite what everyone here says, proper backups are DAMN expensive.
Avsim had a couple of terrabytes of data, so even a 'relitively' cheap HP Ultrium ($6000 Australian - that a LOT of beer money) plus maybe $1000 in tapes per annum would be nowhwere near enough.
A full backup solution for a site of that size would run to maybe $25,000 min. and for a donation-run enthusiast site, thats just not possible.
Think of Avsim like your local library - it's not mankind's sole repository of knowledge, so it isn't nuclear-blast-proof secure; it is still a bloody tragedy if some 12-year-old ADHD tnuc burns it down.
Which is what seems to have happened to Avsim.
I was a member, some of my files were on there. The Avsim forums had been pretty closely following developments over the last three weeks, though since most of the discussion was on the forums, we've lost that.
The attacks originated mostly in Poland, and for a while were coming from a single IP. The Polish provider was NOT helpful in shutting it down or taking any action, unfortunately, and pretty soon it was obvious the attacks had spread to a botnet. To the more suspicious of us, it looked like a young punk testing attack vectors, possibly as rite-of-entry to a larger network of criminals. The attacks stepped up after the guys running the site started trying to secure it, but remember this is volunteer run, so the guys running it had day jobs to attend to as well. In hindsight, pulling the network cable for a month or two might have been the solution, but this was a community - imagine if the Reg dissappeared for a month with no reason given.
If nothing, it is a sad indictement on the human condition that things like this happen.
I doubt Avsim is going to be the only victim of attacks like this, and not everyone out there is a BOFH with attendant PFY and a large backup budget.
To me it really seems that action needs to come from the ISP-level, ISPs need to be held accountable when they fail to act on warnings of criminal activity. I don't know, maybe that's a simplistic view, but if the ISP in question had acted a bit more responsibly this might not have happened.