Sometimes, paying a hacker's ransom isn't enough to free your business from an attack. ProtonMail learned that the hard way Thursday when, after meeting the demands of a group behind a distributed denial of service (DDoS) attack, the encrypted email provider was still unable to resume normal operations.
Operators of the Switzerland-based ProtonMail said in a blog post Thursday they “grudgingly agreed” to pay 15 bitcoins (roughly $6,066) in exchange for stopping a DDoS attack, which overwhelms a site with so much traffic that it knocks it offline. Unlike in similar DDoS and ransomware cases, though, paying the bitcoin failed to stop the intermittent DDoS attacks that hit ProtonMail between Tuesday night and Thursday.
“This means that ProtonMail is likely under attack by two separate groups. With the second attackers exhibiting capabilities more commonly possessed by state-sponsored actors,” ProtonMail said in the post. “It also shows that the second attackers were not afraid of causing massive collateral damage in order to get at us.”
ProtonMail was founded in 2013 by CERN researchers and designed to avoid U.S. National Security Agency surveillance. It has become better known in the U.S. since being included on "Mr. Robot," a TV show about hacking and Internet crime.
Other encrypted email providers, including VFEmail and Runbox, have also been targeted by powerful DDoS attacks in recent days.
A DDoS attack is a common -- and usually unsophisticated -- form of Internet thuggery that is difficult to trace back to the source. Such attacks do not breach the victim's data, and ProtonMail assured users their accounts were not infiltrated, just disabled.
“Even though access is limited, an important thing to note is that our core end-to-end encryption holds strong and is 100 percent untouched,” the blog post stated. “All user data is fine and safe.”