Since two days ago, ProtonMail was hit by a massive distributed denial of service (DDOS) attack. This severe attack that started on November 3rd, 2015 was very sophisticated and took Proton Mail offline for almost 24 hours.
What is Protonmail?
ProtonMail is an email service that is developed by a team of scientists who met while working at the European Organization for Nuclear Research (CERN) in Geneva, Switzerland. By using Protonmail, your email is encrypted by default and can be accessed from your home computer, laptop, tablet and your iPhone or Android device effortlessly.
Protonmail was launched recently through an Indiegogo campaign. The “Swiss based encrypted email, protecting privacy rights for everyone.”, Protonmail, raised $550,377 USD from 10 576 peoples in one month. That’s a lot of money and also, a lot of interest for a secure email service. According to Protonmail, among it’s customers we find journalists, activists and other “at-risk” groups.
How did the ddos attack happened?
According to Protonmail’s team, the coordinated assault on their ISP exceeded 100Gbps and the hackers attacked not only the datacenter, but also the routers from Zurich, Frankfurt and other locations where Protonmail’s ISP has nodes. This coordinated assault on key infrastructure eventually managed to bring down both the datacenter and the ISP, which impacted hundreds of other companies, not just ProtonMail.
In a recent blog post, Protonmail says that:
In a day and age when our most personal data is sold to the highest bidder, our mission is to provide a haven where online privacy is respected and protected. With your support over the past two years, we have grown to become the world’s largest encrypted email service.
So Protonmail sustains that it became the world’s largest encrypted email service..ok.. but what about Google, Microsoft, SOHO, Yahoo and others? All these competitors invest millions of dollars in security, so, in my opinion, those $500 000 dollars raised by Proton mail might just not be enough to cover a security team.
It seems that the ProtonMail team arrived at a conclusion. They can’t compete with the tech giants like Facebook and Google. The DDOS attacks are hard to protect and it takes a lots of money to create a security layer able to face a massive DDOS hit. That’s why, the Protonmail team started a new crowd funding campaign. Their vision is below:
Over the years we have faced pressure from laws, government agencies, and others. Now for the first time, DDOS attacks are being employed to stop us from protecting privacy. This fight will not be easy, but it is one that we must win. What is at stake is nothing less than the future of the internet, and we will never stop fighting to secure that future.
These solutions are unfortunately very expensive and can run over $100,000 per year. Despite the cost, we have already begun to implement them, but this has placed an unexpected strain on our budget. Given our mission, and the capabilities of our adversaries, it is necessary to invest in these technologies to ensure that online privacy can never be denied. With your support, we can ensure that ProtonMail is better protected against future attacks and can continue to provide privacy for all.
If you want to read more regarding Protonmail’s crowdfunding campaign, please Support the ProtonMail defense.
