ProtonMail, an encrypted e-mail service provider, has given out details on the DDoS attack they suffered that began on the 3rd of November.
The email service provider was punched by two separate DDoS attacks which led to the company having to go offline.
According to ProtonMail, the attack was "unprecedented in size and scope." Moreover, the company justified their action of paying the ransom money because the attack affected over a hundred companies already.
In order to stop the attack, the company said they had to "grudgingly" paid the 15 bitcoin ransom.
However, on the next morning at around 11AM, came another attack. This has caused ProtonMail floundering in an attempt to branch out the flow of illegitimate traffic.
"We hope that ProtonMail, who are, we shouldn't forget, the victims of a criminal attack, are able to restore their systems to normal operation sooner rather than later," security expert Graham Cluley commented.
According to Rapid News Network, through MELANI (a division of the Swiss federal government), they were able to make an exchange information with other companies that were also attacked and made a few discoveries.
Moreover, in a blogpost, ProtonMail written that it received an e-mail that contained a risk to assault its website unless it paid a ransom (GBP3,640).
"Afterward is the second stage involving more complexity, as it searched and destroyed liable points in the infrastructure of our ISPs," Protonmail added.
The encrypted email company has described the said cyberattack as "the most sophisticated" in Swiss history.
Shortly afterward, the company explained that the attack was under a DDoS attack which took the email service offline for around 15 minutes.
Protonmail believes that there are at least two groups that were behind the attacks. Although it is unknown if the two groups are working together. One of the suspected groups is the Armada Collective, and according to Protonmail, the other one is not "afraid of causing massive collateral damage in order to get at us".
"Protecting against a highly sophisticated attack like the second one which was launched against us requires sophisticated solutions as we also need to protect our datacenter and upstream providers." Therefore, the company is now requesting for donations for its ProtonMail Defense Fund.
What do you think of the action of ProtonMail against its perpetrators? Is paying the ransom money the better move to make when faced with a problem like this?