ProtonMail sets a dangerous precedent and opens itself up to further attacks by paying ransom
In the world of malware, one of the most recent trends is ransomware -- malicious software that either blocks access to a computer until a fee is paid, or encrypts files until a ransom is put forward. As with ransomware and kidnapping, a ransom is often demanded by hackers and instigators of DDoS attacks.
This is precisely what happened to 'secure' email provider ProtonMail the other day when it found its datacenter inundated with traffic. At the time, the company asked for donations to cover the costs of the "quite expensive solutions" needed to fight back against "the sophistication of this attack". But rather than fighting back, ProtonMail decided to pay the ransom instead. This could prove to be a terrible mistake.
When asked to pay a ransom, there is more than an element of trust involved. In this instance, ProtonMail was told that unless it paid a 15 bitcoin ransom, it would be attacked. Sure enough, a barrage of attacks followed. ProtonMail promised to fight back and gathered funds to do so. But then the Swiss company buckled. It 'grudgingly' coughed up the money (just under $6,000) and hoped that would be the end of it.
But it wasn't.
The attacks continued, meaning that ProtonMail had parted with money for no reason. And this is a very real danger facing any technology firm held to ransom; it's very much a case of Sophie's choice. Opt not to pay up and you run the risk of sustained attack. Pay up and you have no guarantees that the attacks won't continue, nor that more money won't be demanded. In fact, stump up the dough and a dangerous precedent is set. It marks the company out as weak and willing to bend: the perfect target for any group looking to make a quick buck.
The BBC reveals that the attack appears to have been carried out by Armada Collective, a Swiss group responsible for numerous other online attacks. It seems that ProtonMail now regrets its decision to pay the ransom. The company says it would advise anyone else against doing so. It is now trying to raise money to pay more than $100,000 for DDoS protection from a commercial security firm.
Our ISP came under renewed DDoS attack this morning so we are offline again. We need your help to fight this: https://t.co/RnC8L99U0U
— ProtonMail (@ProtonMail) November 6, 2015
But this is a route that is certainly not open to everyone -- and at this stage it's not clear whether it's really a viable option for ProtonMail either. The problem of ransom demands places companies in a real dilemma, and the problem with paying up is that you're damned if you do, and you're damned if you don't.