Protonmail currently under massive DDoS attack - out of service 36 hours and counting.


Member Supporter
I'm sure Cloudflare could have done a much better job than Protonmail did. Maybe using Cloudflare introduces additional security risks to have a third-party company -- and a U.S.-based company at that -- cache protonmail files on potentially hundreds of servers around the world. I don't know.
Probably with some careful configuration with Cloudflare there should not be any private data exposed on Protonmail's side.


Member Supporter
Dear ProtonMail Community,

As many of you know, last week ProtonMail came under a massive distributed denial-of-service (DDoS) attack which knocked our service offline for several days. Unfortunately, we were initially unable to defend against such a massive attack and suffered downtime as a result. Despite the ferocity of the attack, our server security measures and end-to-end encryption meant we were able to keep user data secure.

This incident was one of the largest cyberattacks ever in Switzerland and caused enough damage to knock an entire datacenter offline. In an attempt to keep ProtonMail offline, upstream ISPs were also attacked, knocking hundreds of other businesses offline in countries as far away as Russia. The main attack began on Wednesday, November 4th, and it was not until the evening of Saturday, November 7th that we were able to bring the situation under control. Full details about the attack can be found on our blog here.

There is no doubt that the purpose of the attack was to keep ProtonMail offline for as long as possible. In doing so, the attackers wanted to deny email privacy to nearly a million people worldwide. The attackers hoped to destroy our community, but this attack has only served to bring us all together, united by a common cause and vision for the future. Our vision for an Internet that respects privacy and freedom can be assaulted, but it will never be destroyed.

Instead of weakening ProtonMail, these attacks have only made us stronger, and rallied more people to our cause. Collectively, the ProtonMail community raised $50,000 for the ProtonMail Defense Fund in just three days, giving us the resources to defeat the current attack and protect against future ones. In defending ProtonMail, we were joined by Radware, one of the world's premier DDoS protection companies. We also redesigned our network infrastructure to have a dedicated link to a Tier 1 carrier in Zurich. In addition to the privacy benefits of controlling all traffic in and out of our datacenter, this also makes our network far more difficult to attack.

Our cause is also joined by IP-Max, the best network experts in Switzerland. The IP-Max team worked extremely long hours for several days in a row to bring us back up. And they did it entirely on a volunteer basis, simply to support our community. Building an entire network from scratch and bringing it online in a few days requires an incredible effort, and it was only with their assistance that we were able to come back online as quickly as we did.

The result is that ProtonMail is now stronger than ever. Not only did we mitigate the largest DDoS attack in Switzerland in a couple days, we also gained the ability to resist such attacks in the future. We would like to thank the entire ProtonMail community for your many kind words of encouragement and support during this difficult time. We built ProtonMail for you, and it is truly an honor to have you standing behind us, in both good times and bad times. We look forward to continuing on this journey towards a more private and free Internet with all of you.

Best Regards,

The Entire ProtonMail Team



For people who don’t know what a DDOS attack is, here is a metaphor that best illustrates it:

Imagine yourself as a car on the freeway. You want to access ProtonMail, so you are driving to visit our site that’s located in Switzerland. Because the internet is amazing, it takes less than a second to arrive. During a DDOS attack, millions of fake cars join you on the freeway and cause a massive traffic jam. The result is that ProtonMail is unharmed and perfectly fine, but no one can visit because of the grid-lock.
Great explanation, men!
Full details of the recent DDoS attack and the Protonmail response:

Exclusive: Inside the ProtonMail siege: how two small companies fought off one of Europe's largest DDoS attacks

Helping ProtonMail was risky as it could potentially expose other companies to the data-wrath of the new attackers. A Google engineer in Zurich drove to the datacenter to perform a cross-connect. Level 3 Communications stepped in to provide an emergency IP transit. "It wasn't just these guys that helped," said Yen, "all of Switzerland pulled together to help us. Many datacenters and network specialists offered us assistance, fully knowing the risks of helping."

"We helped because [ProtonMail] are like us," said Frederic Gargula, "they are a part of our networking and security community. They care about encryption, and they protect user privacy."

Finally, in the early hours of Sunday, November 8th, 2015, after a lengthy struggle, the joint ProtonMail, IP-Max and Radware team managed to turn the tide. Attacks continued a week after the assault, but were mitigated.