Yesterday and today Runbox was subject to Distributed Denial of Service (DDoS) attacks. This was initiated by a group that have threatened that if Runbox does not pay them a large amount of money, further attacks will take place in the coming days.
We were able to successfully mitigate against the effects of both incidents. During the initial attack we were down for around 15 minutes before we could put a solution in place. Today our customers should not have noticed any effects of the attack.
We think the attacks might be scaled up in the coming days.
What is a DDoS Attack?
A DDoS attack is when multiple computers are used to send a very large amount of traffic to a targeted system. This floods the bandwidth and resources of the system to a point where genuine connections from users cannot get access. This makes the service appear to be “down”.
Who is affected?
You may have heard recently that other email providers, such as ProtonMail and VFEmail, have also been attacked in this way, and a number of banks have also been affected. These sorts of attacks are not new on the Internet, and for those who run Internet based services are part of the everyday Internet “weather”. However, attacks on the scale we have seen recently can be challenging to deal with.
How will this affect me?
If Runbox is subject to another DDoS attack you may experience problems connecting to Runbox’ website and email services, and there might be delays delivering incoming and outgoing email.
What is Runbox doing about this?
Although DDoS attacks are something all providers of Internet services can expect to deal with at some time or other we should be clear that they are a criminal act, and demanding payment to prevent them is extortion. Runbox will never pay to prevent such attacks, and anyone who does pay helps create a market for these groups.
We have reported these incidents to The Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime, and are also working with our partners and the Norwegian Computer Emergency Response Team (NorCERT) to mitigate against further attacks.
What can I do?
Stand by Runbox while we fight off this attack. We must not give criminals the power to decide which Internet services we use, or how, or when. It might be a bit bumpy, but we are confident that along with help from the authorities and our partners we will be able to fend it off.
If you are an email provider, or a provider of any online service, never give in to extortion. Doing so will only strengthen and embolden the criminals, and the next attack might be worse.
If Runbox is attacked how can I get information?
If you have any questions about this, please contact us via our Support Center.