Possible service disruptions due to DDoS attack
We would like to inform you that since Friday, October 22 we have been facing episodes of DDoS attacks on our infrastructure.
What is a DDoS attack
We have already written a blogpost on this topic. Put simply, during DDoS or Distributed Denial-of-Service attacks internet services are overloaded with connection requests by attackers. Customers are then temporarily unable to access the service in question – or only in a very limited manner. This can occur on different levels e.g., Network (and/or Transport) or Application or both. Data itself is not attacked during DDoS attacks, and remains safe.
Mailfence: Present DDoS situation
We do have safeguards and use a dedicated anti-DDoS service. DDoS attacks can however still have side-effects or can cause service disruption, depending on the intensity of the attack.
Due to a technical error on our upstream provider on Friday, 22 October there have been network disruption and delays which affected the availability of service.
We faced another round of attacks yesterday, 23 October. Although they were warded off effectively, we would like to inform you that disruptions could occur again. We have already strengthened our existing safeguards and continue to further improve them.
We have received a threatening letter and a demand for money. We do not intend to pay. Companies should not be blackmailed under any circumstances. Paying ransoms and succumbing to blackmail makes companies more attractive to future attacks. In addition, DDoS attacks often are not stopped even if money has been paid.
According to our security policies we have also informed the respective Belgian Service (CERT).
Practical points to note
As a secure email provider, we take our responsibility seriously. We therefore would like to give you a few tips.
In case Mailfence should suddenly become slower or be temporarily unavailable within the next days, please proceed as follows:
- There are no technical disturbances on our part and your data is and will remain safe at all times. It is just the access to your data that is disrupted by overloading our network and servers.
- Emails are not lost. When a temporary disruption occurs emails are delivered as soon as the network is available again.
- Should you have any problems accessing Mailfence, please wait and then try again some minutes later. You soon will be able to log in to your account as usual. Doing rapid consecutive requests to login or download mails worsen the situation for servers that are under attack.
- Visit our Twitter profile or other social channels to keep up to date.
- Please do not send emails to our customer support. One of the attackers’ goals is to overload companies that are being blackmailed with masses of customer requests.
Online privacy is here to stay
Last but not least, we would like to thank our community of users. We built Mailfence for you, and we would like to thank you for supporting us, in both good times and bad times.
Your support, donations and upgrades give us the resources to develop a secure and private email service and fight against DDoS attacks. We are aware that similar Distributed Denial-of-Service attacks are taking place against some other services such as Tutanota, FastMail, Mailbox.org, Posteo and Runbox and wish our colleagues strength. By attacking private email services, the attackers send a message that they do not want online privacy to succeed. However, we plan to send them an even stronger message: Online privacy is here to stay. Learn more about Mailfence on our press page.
– Mailfence Team
Salman works as an Information security analyst for Mailfence. His areas of interests include cryptography, security architecture and design, access control and operations security. You can follow him on LinkedIn @mohammadsalmannadeem