The site, which provides a free Web based encrypted email service was sent a threatening message demanding 15 Bitcoins in exchange for holding off on a distributed denial of service (DDoS) attack.
At first Protonmail ignored the threats, but after two attacks, the site’s owners capitulated and paid up. But, unsurprisingly, the hackers kept disrupting it, and other sites on its network. This isn’t the first time a multi-national firm has paid hackers to leave it alone.
In August, hackers managed to extort Bitcoins out of an Australian multinational after making threats to a senior member of staff’s family.
In the US, a group of police departments in May had to pay infiltrators after they stole all their digitised police records.
The reason for paying is a familiar one. “We needed our programs to get back online and that was a choice we all discussed and took to get back online to get our information,” said Damariscotta Police Chief Ron Young told a local TV network after the attack.
Which is understandable. But it is also a symptom of the eyes-wide-shut policy so many companies have when it comes to Web security. Total global losses from cyber crime stood at US$445 billion as of June 2014. That was before attacks like that on American retailer Target which cost the company $250 million to clean up.
It’s the reason cyber-insurance has become one of the fastest growing arms of the finance industry. In 2012 the value of underwritten policies was $850 million. Two years later it was worth $2.5 billion, and is expected to balloon to $7.5 billion over the next five years.
Paying hackers to stop mucking around with your website sets a dangerous precedent and effectively says to anyone else looking to make a quick buck, ‘it’s an easy way to make easy money’.
The Swiss hacking group Armada Collective, who claimed responsibility for the attack on Protonmail have made a steady living disrupting Swiss sites in return for Bitcoins. They’ve even started targeting Thai banks, if recent reports are to be believed.
It’s a painful lesson, but one that needs to be learned and planned for, no matter how big or how small the company may be. DDoS attacks have become common place. It’s the only style of hacking to grow in popularity since 2003 to the point where breaches have become a daily occurrence.
But, with the right infrastructure and planning their potential for damage and disruption can be greatly reduced. Techniques such as sink holing – which diverts all traffic away from the site effectively discarding it – proper server configuration – that defines fair usage of the site and can help stop things from getting out of hand – and a sea of DDos mitigation appliances mean companies have a range of defences to equip themselves with.
Protonmail has said it is raising the money to help pay for an upgrade in its security. But could the pain of paying for a security overhaul be prevented if preventative measures were put in beforehand?
Don’t wait until the thieves have broken in, to install an alarm.
Image credit: Shutterstock