$6000 In Bitcoin
ProtonMail is a free and open-source web-based encrypted email service founded in 2013 at the CERN research facility by Jason Stockman, Andy Yen and Wei Sun. They were forced to pay 15 Bitcoins in order to stop a DDoS attack that forced them offline. On Tuesday, November 3, 2015, ProtonMail was taken offline by an extremely powerful DDoS attack. Despite their best efforts, they were not able to stop the attack and are currently offline.
The attackers began by flooding our IP addresses. That quickly expanded to the datacenter in Switzerland where we have our servers. In the process of attacking us, several other tech companies and even some banks were knocked offline temporarily.
ProtonMail guarantees that even though they are offline, their core systems were not compromised and all user data is safe.
Even though access is limited, an important thing to note is that our core end-to-end encryption holds strong and is 100% untouched. All user data is fine and safe… We are fighting not just for privacy, but for the future of the internet. We would especially like to thank the thousands of users who offered their support and encouragement on Twitter and Facebook, we will never stop fighting for you.
Through MELANI (a division of the Swiss federal government), we exchanged information with other companies who have also been attacked and made a few discoveries. First, the attack against ProtonMail can be divided into two stages. The first stage is the volumetric attack which was targeting just our IP addresses. The second stage is the more complex attack which targeted weak points in the infrastructure of our ISPs. This second phase has not been observed in any other recent attacks on Swiss companies and was technically much more sophisticated. This means that ProtonMail is likely under attack by two separate groups, with the second attackers exhibiting capabilities more commonly possessed by state-sponsored actors. It also shows that the second attackers were not afraid of causing massive collateral damage in order to get at us.
At present, ProtonMail’s infrastructure is still vulnerable to attacks of this magnitude, but we have a comprehensive long term solution which is already being implemented. Protecting against a highly sophisticated attack like the second one which was launched against us requires sophisticated solutions as we also need to protect our datacenter and upstream providers. Cost estimates for these solutions are around $100,000 per year since there are few service providers able to fight off an attack of this size and sophistication.