ProtonMail Is Back after a Week of DDoS Attacks

Encrypted email service provider ProtonMail is back after a week of relentless crippling DDoS attacks that crippled the Switzerland-based company with speeds of over 100Gbps.

ProtonMail, a free email encryption service founded in a joint effort by scientists in Geneva and researchers at MIT to provide end-to-end encryption communication via email to users has been at the receiving end of numerous DDoS attacks for nearly the entirety of the past week. The attacks were so destructive in their nature that the company’s ISP and its data center that is used by numerous other companies were also affected in a big way. So much so that ProtonMail even paid a ransom of 15 bitcoin (approx $6000) in giving into the extortionists’ demands.

In a blog post today, ProtonMail has now announced that it has partnered with Radware, a firm which is now offering its DDoS mitigation service to prevent or at the very least put up a defense capable of withstanding such attacks. ProtonMail added that the service was being provided at a ‘reasonable price.’

The company said:

We are happy to announce today that after several days of intense work, we have largely mitigated the DDoS attacks against us. These attacks took ProtonMail offline making it impossible to access emails, but did not breach our security.

A Powerful DDoS Attack

The cybercriminal group behind an initial set of DDoS attacks are believed to be a cyber gang called the ‘Armada Collective.’

Related article: Apple, Google, Cryptologists Plea to Obama: Support Encryption

ProtonMail notes that there may have been two groups behind the attacks, the second of which may lead back to state-sponsored actors who are likely to have a vested interest in taking down encrypted channels of communications.

The relentless barrage of attacks followed even after the ransom demand was paid, a move ProtonMail notes was done reluctantly after being pressurized to do so by its ISP and other companies affected in the DDoS attacks.

An excerpt from the blog post read:

It has now been one week since the first attack was launched against ProtonMail. Since then, we have been subject to the largest and most extensive cyberattack in Switzerland, with hundreds of other companies also hit as collateral damage.

In addition to hitting ProtonMail, the attackers also took down the datacenter housing our servers and attacked several upstream ISPs, causing serious damage.

Since the attacks, ProtonMail has set up a fundraising campaign in an appeal for donations that will help foot the bill for better cybersecurity measures. So far, the appeal has already collected over $50,000.