‘There are those who wish to do us harm’
The world of cyber risk can often feel like it is something others face. You read about hacks and attacks but so far, it hasn’t happened to you. In amongst the plethora of different risks you can face is a simple but very powerful assault called a DDoS attack. This is a Distributed Denial of Access attack that seeks to cripple your ability to communicate or trade with customers by flooding your website servers/internet connected resources with masses of unwanted traffic.
Exciting email service ProtonMail which seeks to protect the privacy of companies and individuals via an encrypted email service has recently come under attack by unknown sources. According to Proton they feel they are specifically being attacked by ‘those who wish to do us harm’.
The availability of dark web services to order DDoS types of attack highlight the risk that all businesses face. A competitor or just a malicious person (former employee perhaps?) can cause chaos and brand damage. We thought it would be worthwhile to relay the message from the Proton team to show how much effort they are putting in to resume normal trading. The last paragraph of their message is particularly poignant.
‘We want to give everyone an update regarding the connectivity issues some of you may have experienced recently. Over the past couple of days ProtonMail has been under extremely heavy DDoS (Distributed-Denial-of-Service) attack.
During these incidents, some users may have experienced intermittent connectivity problems or delays sending/receiving emails. We are working closely with engineers at Radware, our DDoS protection provider, to resolve these issues. At this time, the attacks are still continuing. [Note: After several days – VRG]
Despite the intermittent connection problems, no emails were lost, no data was lost, and no data was breached. In any case, we utilize zero-access encryption which keeps your emails secure even in the event of a breach. While ProtonMail defends against DDoS and other cyber attacks on a daily basis, the attacks we faced this week posed a particularly difficult challenge because it is a new type of DDoS from a previous unknown network of compromised devices. To assist in the attack mitigation effort, we have partnered with F5 Networks to help deal with this new threat.
Our infrastructure team and the Radware and F5 Network engineering teams have put in a huge effort while working around the clock to manage this new threat. As a result of their hard work, most of the attacks in the past 24 hours have been well mitigated with minimal user impact.
We understand how important it is for ProtonMail to be not only secure and encrypted, but also always available. It is essential for the millions around the world who depend on us, and essential for our mission of making privacy and security accessible to all.
This mission is challenging. There will be setbacks from time to time, and there are also those who wish us harm. However, we have your support, and a team of experts, which will allow us to overcome these challenges’
Take care out there with your IT and web technology risk. Make sure your risk management is up to speed and that you have back up resource via Cyber Liability Insurance protection.