Attacks that we saw on our network yesterday was not from a single source. It came from thousands of IPs, flooding the network and chocking the bandwidth. So tracking it back to the actual attacker(s) is nearly impossible. Such attacks are not common when you manage an infrastructure like TCH. We have seen it in the past and 99% of the time it gets thwarted on the network edge itself. It all depends on how fast we can isolate the attacker requests from legitimate ones and then filter them off our network. As you have guessed it there is no out of the shelf solution for this, and has to be worked case by case. We have implemented everything we have gained mitigating these attacks onto our security rules and will continually prep it up so that our network remains robust.
As to why they do it, there could be any number of reasons like a grudge on a particular site / owner, competition by other firms, or just attackers trying to get a high.
What we can assure you is that we are here if things go wrong and would request all our clients to be patient and understanding while such attacks occur and give us time to get things right.