Slashdot Mirror

← Back to Stories (view on slashdot.org)

ProtonMail Restores Services After Epic DDoS Attacks

Posted by timothy on from the stronger-in-the-broken-places dept.

An anonymous reader writes: After several days of intense work, Switzerland-based end-to-end encrypted e-mail provider ProtonMail has largely mitigated the DDoS attacks that made it unavailable for hours on end in the last week. The attacks exceeded 100Gbps, and are still going on, but they are no longer capable of knocking ProtonMail offline for extended periods of time. The ProtonMail community of users proved to be invaluable for the company. In fact, in just a few days, they donated over $50,000 to the company's "defense fund," providing the resources to resist further attacks against email privacy.

7 of 57 comments (clear)

  1. That's some serious traffic by Falconnan · · Score: 5, Interesting

    State actors or malicious mischief? That is the real question.

    1. Re:That's some serious traffic by Anonymous Coward · · Score: 4, Informative

      Just to clarify:
      ProtonMail were *forced* to pay the ransom, it wasn't entirely their choice.

      "At this point, we were placed under a lot of pressure by third parties to just pay the ransom"
      due to... "hundreds of thousands of Swiss Francs in damages suffered by other companies caught up in the attack against us"

      And no doubt, this is the start of a series of attacks against them, by the likes of the terrorists at the NSA/GCHQ.

    2. Re:That's some serious traffic by GuB-42 · · Score: 2

      There are two different actors. The first was in for the ransom and stopped after being paid.
      The second uses a much more advanced attack, has unknown motives, and may have chosen to strike at the same time as an attempt to put the blame on the first group.

  2. "anonymous" and "secure" what a joke by Anonymous Coward · · Score: 3, Interesting

    They're asking for an email account so that they can send you an invite. How is this remotely anonymous?

    Being in .ch is nice and all, and gives you that "Swiss Bank Account" feel, but the XKCD coming about encryption & pipewrenches comes to mind. Since the Banks have rolled (because Nazis) what is going to keep your free email secure when the Polizei comes knocking?

    1. Re: "anonymous" and "secure" what a joke by Corwyn_123 · · Score: 2

      Simple, the admins cannot access the emails of their users, it's encrypted on the servers. The most the police can how to get, of they can get anything at all, would b header and routing information, which is the meta data, not the content.

  3. SubjectsInCommentsAreStupidCusTheSubjIsTheArticle by lesincompetent · · Score: 3, Informative

    Much more info on this official blog post: https://protonmail.com/blog/pr...

  4. Re:Donating money to fight a DDOS is dumb by nitehawk214 · · Score: 2, Interesting

    I would donate money to help fight it, but not if they are just going to give the money to the attackers. Which seems to be exactly what they did here.

    And it was probably the government of a country obsessed with surveillance of their own people, so no amount of ransom is going to make that go away. The internet service providers are, of course, in on it.

    --
    I'm a good cook. I'm a fantastic eater. - Steven Brust