After experiencing an onslaught of DDoS attacks, which saw it hand over the ransom that was demanded, ProtonMail has once again been targeted by cybercriminals.
A renewed distributed denial of service (DDoS) attack has forced ProtonMail to take its website offline again, the Switzerland-based encrypted email provider announced on Twitter.
Days after experiencing a barrage of attacks, the enterprise is once again at the mercy of cybercriminals.
This further onslaught comes on the back of ProtonMail “grudgingly” paying the ransom that had been demanded by the attackers (15 bitcoins that are worth about $6,000).
It was hoped that as a result of this, the situation would improve. However, the DDoS attacks continued as if nothing had changed.
Alarmingly, Proton believes that at least two groups were behind the attacks, although it is yet unknown whether they were working together.
It said: “The attack disrupted traffic across the ISP’s entire network and got so serious that the criminals who extorted us previously even found it necessary to write us to deny responsibility for the second attack.”
The encrypted email provider has described the cyberattack as “the most sophisticated” in Swiss history.
It added that some of the capabilities demonstrated are “more commonly possessed by state sponsored actors”.
As a result of the severity of the attacks, and concern that this is the beginning of a concerted effort by cybercriminals to attack the business, ProtonMail said that it needs to invest in state-of-the-art security solutions.
It has set up a fund to help pay for this, explaining that while cybersecurity of this kind is expensive to implement, it is essential to allow it to offer a valuable service.
“We are fighting not just for privacy, but for the future of the internet.”
“We are fighting not just for privacy, but for the future of the internet,” it went on to say in its blog post.
“Over the next several weeks, we will begin putting in place the sophisticated protections that are necessary to withstand large scale attacks like this to ensure that online privacy can’t be taken down.”