Distributed denial of service (DDoS) attacks with extortion demands for payments in Bitcoin to stop them are becoming more and more popular in 2015, but what happens if you give in and pay the ransom?
Switzerland-based email service provider ProntonMail (Proton Technologies AG) has found out the hard way that paying the ransom doesn’t work after the company experienced the multiple DDoS attacks and paid the ransom.
The company was hit by its first DDoS attack on November 3, complete with an now usual email preceding it that warned it would happen if a payment was not made; after the first attack resulted in the website being offline for fifteen minutes, a second attack on November 4 was described as being more sophisticated and intense.
After taking steps to mitigate the attacks with their datacenter and their upstream provider, the attack went further: “The attackers began directly attacking the infrastructure of our upstream providers and the datacenter itself,” ProntonMail wrote in a blog post.
“The coordinated assault on our ISP exceeded 100Gbps and attacked not only the data center, but also routers in Zurich, Frankfurt, and other locations where our ISP has nodes. This coordinated assault on key infrastructure