First of all, SE needs to stop the attack. When the attack is stopped or at least controlled, THEN it's time to investigate who or whom are the culprits. Even then, it's extremely difficult to signal a single person or criminal group as a culprit of a DDoS attack. Why? Almost all the DDoS attacks nowadays are made using botnets. Even your computer could be infected with malware and sending random packets to the SE servers through a command and control center located in some shady country you'll never knew it existed before that has no cyber crime regulations of any kind and there wouldn't be any repercussions even knowing who pressed the red button.

That being said, we just need to wait till they can manage the attack. It has been very long, so I'm really worried about my dudes at the SE SOC.