Sign up for our newsletter
Technology / Cybersecurity

ProtonMail pays cyber security ransom to get back online

ProtonMail, a Swiss email provider, was back up and running yesterday evening, after paying a ransom to cyber criminals who brought down its service.

The Geneva based secure email provider was laid low on November 3 by what it described on its blog as "an extremely powerful DDoS attack."

It has confirmed that it had been the subject of a ransom demand: "Slightly before midnight on November 3rd, 2015, we received a blackmail email from a group of criminals who have been responsible for a string of DDOS attacks which have happened across Switzerland in the past few weeks."

After a series of "sophisticated" cyber attacks on ProtonMail, its ISP and upstream datacentre providers, the firm "grudgingly" paid the ransom to a bitcoin address, to the value of $6000.

White papers from our partners

The move was not received well by some in the cyber security community. Expert Graham Cluley said on his blog: "I can’t help but feel that ProtonMail has let down every company on the internet." Others tweeted the company asking why it had paid up.

ProtonMail said the attack was "unprecedented in size and scope," and justified paying the ransom because it said the attack was affecting around 100 companies.

Indeed, the level of the attack was such that the firm believes that it is under attack from two attackers, one criminal, and one state sponsored.

While it accepts it is still vulnerable to such high-level attacks, the firm says "we have a comprehensive long term solution" and is asking for donations to a defence fund.

This article is from the CBROnline archive: some formatting and images may not be present.