November 11, 2015 by

ProtonMail Is Back after a Week of DDoS Attacks

Encrypted email service provider ProtonMail is back after a week of relentless crippling DDoS attacks that crippled the Switzerland-based company with speeds of over 100Gbps.

ProtonMail, a free email encryption service founded in a joint effort by scientists in Geneva and researchers at MIT to provide end-to-end encryption communication via email to users has been at the receiving end of numerous DDoS attacks for nearly the entirety of the past week. The attacks were so destructive in their nature that the company’s ISP and its data center that is used by numerous other companies were also affected in a big way. So much so that ProtonMail even paid a ransom of 15 bitcoin (approx $6000) in giving into the extortionists’ demands.

In a blog post today, ProtonMail has now announced that it has partnered with Radware, a firm which is now offering its DDoS mitigation service to prevent or at the very least put up a defense capable of withstanding such attacks. ProtonMail added that the service was being provided at a ‘reasonable price.’

The company said:

We are happy to announce today that after several days of intense work, we have largely mitigated the DDoS attacks against us. These attacks took ProtonMail offline making it impossible to access emails, but did not breach our security.

A Powerful DDoS Attack

The cybercriminal group behind an initial set of DDoS attacks are believed to be a cyber gang called the ‘Armada Collective.’

Related article: Apple, Google, Cryptologists Plea to Obama: Support Encryption

ProtonMail notes that there may have been two groups behind the attacks, the second of which may lead back to state-sponsored actors who are likely to have a vested interest in taking down encrypted channels of communications.

The relentless barrage of attacks followed even after the ransom demand was paid, a move ProtonMail notes was done reluctantly after being pressurized to do so by its ISP and other companies affected in the DDoS attacks.

An excerpt from the blog post read:

It has now been one week since the first attack was launched against ProtonMail. Since then, we have been subject to the largest and most extensive cyberattack in Switzerland, with hundreds of other companies also hit as collateral damage.

In addition to hitting ProtonMail, the attackers also took down the datacenter housing our servers and attacked several upstream ISPs, causing serious damage.

Since the attacks, ProtonMail has set up a fundraising campaign in an appeal for donations that will help foot the bill for better cybersecurity measures. So far, the appeal has already collected over $50,000.


About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Lisa Bock on “What’s on Your Network?”

Lisa Bock is an assistant professor of information technology at Pennsylvania College of Technology...

Read more arrow_forward

MacOS Malware Linked to Russian Hackers Steals Passwords, iPhone Backups

A new variant of a Mac malware allegedly developed by APT28, the same cyber espionage group believed...

Read more arrow_forward

Bristol County DA’s Office Opens Digital Forensics Lab

Crime in the 21st century has come a long way and crime in a connected world that leaves behind...

Read more arrow_forward

If you have any further questions, please don't hesitate to contact us.