ProtonMail Taken Down In DDoS Attack After Paying Bitcoin Ransom

Whenever a company or service provider targeted by an attack by hackers, they are not always given the chance to pay a ransom. Even if that were the case, paying up the money being demand is not always a viable option. ProtonMail was recently faced with the dilemma of paying up 15 Bitcoins or being taken down by a DDoS attack. Despite making the payment, their services were taken out through a DDoS attack anyway.

Also read: Bitcoin Technical Analysis 11/6/15 – Volatility Strikes

Bitcoin Is Not The Culprit In This Story

Before you continue reading this story, it is imperative to keep in mind Bitcoin is not the culprit in this story. Granted, the attack(s) asked for a Bitcoin payments, but this digital currency is anything but anonymous. In fact, sending a wire transfer of a Western Union payment is far more anonymous compared to Bitcoin.

That being said, ProtonMail is one of the very few companies willing to pay a ransom when faced with an imminent threat. In this case, their plan backfired, as the service was taken down regardless. The DDoS attack subsided after a brief period, though, and ProtonMail services were restored shortly after. Stating how the service was constantly harassed even after making the Bitcoin payment may be a stretch too far, as switching off a DDoS is not something one can do in the blink of an eye. 

“We hoped that by paying, we could spare the other companies impacted by the attack against us, but the attacks continued nevertheless. Attacks against infrastructure continued throughout the evening and in order to keep other customers online, our ISP was forced to stop announcing our IP range, effectively taking us offline. The attack disrupted traffic across the ISP’s entire network and got so serious that the criminals who extorted us previously even found it necessary to write us to deny responsibility for the second attack.”

– ProtonMail wrote in a blog post.

It is not the first time a Switzerland-based company is facing a DDoS attack, as there has been a string of coordinated attacks for weeks now. Even though Protonmail received an extortion e-mail from a collective of hackers, it didn’t take long until a 15-minute DDoS attack took place.

In a statement, ProtonMail indicated how the DDoS attack was so severe, junk traffic flooding the site reached a volume of 100 gigabits per second. Not only was this attack aimed at the company’s datacenter, but also their upstream providers, scattered along Zurich, Frankfurt, and other locations of value to the ISP.

At the time of publication, no party had claimed credit for the DDoS attack just yet. ProtonMail did not release the details regarding the email conversation they had with the attack(s), leaving it up in the air who is responsible for this event. Some people feel that ProtonMail should have addressed their anti-DDoS security before this attack, rather than paying up money and then complaining afterwards.

Source: ProtonMail

Images credit 1,2