Radware®, a leading provider of cyber security and application delivery solutions ensuring optimal service level for applications in virtual, cloud and software defined data centers, has been appointed by ProtonMail to help it fight back on the cyber attacks it has endured from multiple, simultaneous attackers.
ProtonMail has been fighting a series of Advanced Persistent DoS (APDoS) attacks, which have exceeded 100Gbps, and numerous attack vectors, that have shut down their secure email service, their ISP and every other company in their data center. The first attacker, the Armada Collective is a new hacking group motivated by financial gain who demanded a ransom from the company. The second attack came from an unknown group. This second attack caused the bulk of the damage.
Andy Yen, CEO of ProtonMail states,“Their sole objective was to take ProtonMail offline, at any cost, with no regards for collateral damage, and to keep us offline for as long as possible. The attack significantly disrupted our infrastructure and made email access impossible. This impacted over half a million users worldwide, including many journalists, activists, and dissidents who are active on our platform.”
The Swiss-based secure email provider has selected Radware’s Attack Mitigation System (AMS) to help it take control of the situation and regain control of the mail service. Radware’s AMS technology can accurately detect and mitigate emerging network attacks without the need for human intervention and without blocking legitimate user traffic, complemented by real-time reporting and monitoring. Radware began working with ProtonMail on November 8th as part of their Emergency Response Service and service was restored shortly after.
Carl Herberger, Vice President for Security Solutions at Radware, says “that corporations need to understand the severity of the Advanced Persistent DoS attacks, such as SMTP DoS, and review their security measures: ‘APDoS is akin to the way bomber aircraft would jam radar systems many years ago the type of attack is so varied and frequent that it becomes near impossible to detect them all, and more importantly difficult to mitigate them without impacting your legitimate web traffic. This technique will become a staple in the hacker’s armoury. The threat is real. It is vital that organisations equip themselves with the real-time detection and mitigation solutions that are capable of withstanding sustained attacks without impacting the service expected by customers.”
Yen further explains,"In order to mitigate the DDoS attack against us, we partnered with Radware, one of the world's premier DDoS protection companies. In Radware, we found a solution that was capable of protecting ProtonMail without compromising email privacy. Given the magnitude of the attack we faced, we knew that we would have to work with the best, and Radware's BGP redirection solution fit our requirements. During our hour of need, there were many companies who attempted to charge us exorbitant amounts, but Radware offered their services at a reasonable rate in order to get us online as soon as possible. With Radware DefensePipe, we were finally able to mitigate the attack on ProtonMail."
Radware’s 2014/2015 ERT Report reveals that 16.3% of cyber-attacks are motivated by ransom. Herberger adds,“Companies under cyber-attack should strongly consider whether or not they should pay the ransom demand. In this situation, they should consult their security experts to check if the attack is genuine and put in place proper mitigating measures.”
ProtonMail (protonmail.com) is a service offered by Proton Technologies AG (Switzerland). ProtonMail was founded in summer 2013 by scientists who met at CERN and were drawn together by a shared vision of a more secure and private Internet. Today, our core team also includes scientists from ETH Zurich, Caltech, and Harvard, and we specialize in building the secure and private online communications platforms of the future. Every day, the ProtonMail team, with the assistance of supporters from around the world, works to advance internet security and privacy.
Radware (radware.com), is a global leader of application delivery and application security solutions for virtual, cloud and software defined data centers. Its award-winning solutions portfolio delivers service level assurance for business-critical applications, while maximizing IT efficiency.
Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.
Radware encourages you to join our community and follow us on: Facebook, Google+, LinkedIn, Radware Blog, SlideShare, Twitter, YouTube, Radware Connect app for iPhone® and our security center DDoSWarriors.com that provides a comprehensive analysis on DDoS attack tools, trends and threats.
©2015 Radware Ltd. All rights reserved. Radware and all other Radware product and service names are registered trademarks or trademarks of Radware in the U.S. and other countries. All other trademarks and names are property of their respective owners.
Safe Harbor Statement
This press release may contain statements concerning Radware’s future prospects that are “forward-looking statements” under the Private Securities Litigation Reform Act of 1995. Statements preceded by, followed by, or that otherwise include the words "believes","expects","anticipates","intends","estimates","plans", and similar expressions or future or conditional verbs such as "will","should","would","may" and "could" are generally forward-looking in nature and not historical facts. For example, we cannot assure we will be able to mitigate such large volumetric attacks in such a short time in the future. Because such statements deal with future events, they are subject to various risks and uncertainties and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware's current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: the impact of global economic conditions and volatility of the market for our products; changes in the competitive landscape; inability to realize our investment objectives; timely availability and customer acceptance of our new and existing products; risks and uncertainties relating to acquisitions; the impact of economic and political uncertainties and weaknesses in various regions of the world, including the commencement or escalation of hostilities or acts of terrorism; Competition in the market for Application Delivery and Network Security solutions and our industry in general is intense; and other factors and risks on which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, reference is made to Radware’s Annual Report on Form 20-F which is on file with the Securities and Exchange Commission (SEC) and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware’s public filings are available from the SEC’s website at sec.gov or may be obtained on Radware’s website.