This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.theguardian.com/technology/2015/nov/05/protonmail-service-held-ransom-by-hackers

The article has changed 3 times. There is an RSS feed of changes available.

Version 0 Version 1
ProtonMail: encrypted email provider held ransom by hackers ProtonMail: encrypted email provider held ransom by hackers
(about 1 hour later)
ProtonMail, a Switzerland-based encrypted email provider, was forced offline on Thursday after hackers held the company’s internet connection for ransom by using a distributed denial of service (DDoS) attack.ProtonMail, a Switzerland-based encrypted email provider, was forced offline on Thursday after hackers held the company’s internet connection for ransom by using a distributed denial of service (DDoS) attack.
“ProtonMail is likely under attack by two separate groups, with the second attackers exhibiting capabilities more commonly possessed by state sponsored actors,” the company said. “It also shows that the second attackers were not afraid of causing massive collateral damage in order to get at us.”“ProtonMail is likely under attack by two separate groups, with the second attackers exhibiting capabilities more commonly possessed by state sponsored actors,” the company said. “It also shows that the second attackers were not afraid of causing massive collateral damage in order to get at us.”
The ransom was only for 15 bitcoin, or about $6,066, but the attacks did not stop when it was paid.The ransom was only for 15 bitcoin, or about $6,066, but the attacks did not stop when it was paid.
ProtonMail is headquartered at the European Organization for Nuclear Research, or Cern. It has become widely known in the US since its appearance on popular USA network drama Mr Robot.ProtonMail is headquartered at the European Organization for Nuclear Research, or Cern. It has become widely known in the US since its appearance on popular USA network drama Mr Robot.
“We are still poring over the evidence and will be working with the Swiss Federal cybercrime unit,” ProtonMail co-founder Andy Yen told the Guardian, adding that the source of the second attack hadn’t yet been conclusively determined. Yen also said that he knew of “several dissident groups who are actively using ProtonMail”, and are based in countries known for hacking attacks. “We are still poring over the evidence and will be working with the Swiss federal cybercrime unit,” ProtonMail co-founder Andy Yen told the Guardian, adding that the source of the second attack had not yet been conclusively determined. Yen also said that he knew of “several dissident groups who are actively using ProtonMail”, and are based in countries known for hacking attacks.
“But we know after speaking with the experts that came to our aid that there are few groups capable of carrying out an attack of this size and sophistication. This is the likely the biggest and most sophisticated DDoS attack to ever occur in Switzerland,” Yen said. “But we know after speaking with the experts that came to our aid that there are few groups capable of carrying out an attack of this size and sophistication. This is likely the biggest and most sophisticated DDoS attack to ever occur in Switzerland,” Yen said.
While the type of attack is common, ProtonMail said the DDoS directed at it was “unprecedented in size and scope” in a blogpost on the assault. The hackers likely responsible for the first, smaller attack go by the name Armada Collective and have come to the attention of Swiss authorities for extorting “high-value targets” in the recent past. While the type of attack is common, ProtonMail said the DDoS directed at it was “unprecedented in size and scope” in a blogpost on the assault. The hackers probably responsible for the first, smaller attack go by the name Armada Collective and have come to the attention of Swiss authorities for extorting “high-value targets” in the recent past.
The Swiss Governmental Computer Emergency Repsonse Team said that the group typically demands a ransom in bitcoin and then demonstrates its abilities with a brief DDoS attack, followed by a longer attack if the target doesn’t immediately pay. Their emails usually read “Ransom request: DDOS ATTACK!” according to the Team. The Swiss governmental computer emergency response team said that the group typically demands a ransom in bitcoin and then demonstrates its abilities with a brief DDoS attack, followed by a longer attack if the target doesn’t immediately pay. Their emails usually read “Ransom request: DDOS ATTACK!” according to the team.
ProtonMail said it “grudgingly agreed” to pay the ransom after pressure from third parties in order to mitigate damage to businesses and individuals that use its service, but the attacks continued. The email provider emphasized that it had not been breached, merely disabled. “Even though access is limited, an important thing to note is that our core end-to-end encryption holds strong and is 100% untouched. All user data is fine and safe.” ProtonMail said it “grudgingly agreed” to pay the ransom after pressure to mitigate damage to the other customers of ProtonMail’s ISP and data center, which were affected by the attack, but the attacks continued even after ProtonMail paid up. The email provider emphasized that it had not been breached, merely disabled. “Even though access is limited, an important thing to note is that our core end-to-end encryption holds strong and is 100% untouched. All user data is fine and safe.”
Yen said that the attack was unlike anything seen in the country. “The attack against us was unprecedented for Switzerland, and the attackers took down an ISP and entire datacenter just to take us down,” Yen said. “The solutions to defend are also complex and will take time to implement.”Yen said that the attack was unlike anything seen in the country. “The attack against us was unprecedented for Switzerland, and the attackers took down an ISP and entire datacenter just to take us down,” Yen said. “The solutions to defend are also complex and will take time to implement.”