Unprecedented DDoS attack on an encrypted CERN mail platform (deemed undecipherable)
November 3 began the attack on servers developed by CERN * in 2013, following the NSA scandal
Source of attack: DD4BC Team (US group / s)
Source of the info: Melani (division of the Swiss Federal Government) so it's very serious!
Mac Bidouille, Lionel / 2012 wrote:Internet: ProtonMail ransomed
ProtonMail, one of the few efficient end-to-end encrypted messaging sites (500.000 users, double password, RSA and AES encryption combined), created at CERN in 2013 following the NSA scandal and supposedly indecipherable by the "agency", must probably disturb because it was ransomed this week to the tune of 15 bitcoins (approximately 5500 euros) in order to stop a DDOS attack on its servers and routers without technological precedent.
FYI, Protonmail's servers are located in Switzerland and therefore escape American and European legislation.
The attack began on Tuesday November 3 and seems to have stopped before yesterday despite the payment of the ransom by the provider of the encrypted email site.
Site security was not affected.
However, the attack was particularly violent, with traffic exceeding 100 gigabits per second, blowing up the datacenter as well as the uplink providers, as well as routers located in Zurich, Frankfurt and other places where the ISPs had nodes.
The attack therefore not only impacted Protonmail but also hundreds of companies sharing the same web service providers.
According to information recovered by Melani, a division of the Swiss federal government, the attack took place in 2 stages.
First, a volumetric attack on ProtonMail ip addresses with ransom note.
Then a much more complex attack that targeted weak points in the infrastructure of ProtonMail service providers.
This second attack, like its sophistication, is a first in Switzerland.
Melani sees it as an attack by two distinct groups, (Armada Collective and DD4BC Team), the second more falling within the competence of state groups.
Protonmail estimates that to protect itself from attacks such as the second, it will cost it around 90 euros per year and recalls that they are obviously open to donations, and has launched a crowdfunding campaign to protect privacy by line that seems to bother some states.
From there to imagine that the NSA cannot decrypt ProtonMail….
https://www.gofundme.com/protonmaildefense
https://protonmail.com/
Friday 06 November 2015 23 p.m. Geneva. The site is again offline.
Source of the article: http://macbidouille.com/news/2015/11/07 ... l-ranconne
I would add that this is not the first attack in the sector, since, notably the historic provider of Switzerland (Swisscom) already suffered in September and October, serious disturbances that had blocked its entire network.
I think the wisest would be to withdraw its license to Cablecom (American provider on Swiss soil where the flows of 100 gigabits / sec probably came from, because apart from them, I don't see Swisscom authorizing this ...)
It is also clearly an attack on the Swiss Confederation itself, since many magistrates use the services of these servers.
To support the server against attacks:
https://www.gofundme.com/protonmaildefense
* CERN: European Center for Nuclear Research.