DDoS Attacks on Runbox

Yesterday and today Runbox was subject to Distributed Denial of Service (DDoS) attacks. This was initiated by a group that have threatened that if Runbox does not pay them a large amount of money, further attacks will take place in the coming days.

We were able to successfully mitigate against the effects of both incidents. During the initial attack we were down for around 15 minutes before we could put a solution in place. Today our customers should not have noticed any effects of the attack.

We think the attacks might be scaled up in the coming days.

What is a DDoS Attack?

A DDoS attack is when multiple computers are used to send a very large amount of traffic to a targeted system. This floods the bandwidth and resources of the system to a point where genuine connections from users cannot get access. This makes the service appear to be “down”.

Who is affected?

You may have heard recently that other email providers, such as ProtonMail and VFEmail, have also been attacked in this way, and a number of banks have also been affected. These sorts of attacks are not new on the Internet, and for those who run Internet based services are part of the everyday Internet “weather”. However, attacks on the scale we have seen recently can be challenging to deal with.

How will this affect me?

If Runbox is subject to another DDoS attack you may experience problems connecting to Runbox’ website and email services, and there might be delays delivering incoming and outgoing email.

What is Runbox doing about this?

Although DDoS attacks are something all providers of Internet services can expect to deal with at some time or other we should be clear that they are a criminal act, and demanding payment to prevent them is extortion. Runbox will never pay to prevent such attacks, and anyone who does pay helps create a market for these groups.

We have reported these incidents to The Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime, and are also working with our partners and the Norwegian Computer Emergency Response Team (NorCERT) to mitigate against further attacks.

What can I do?

Stand by Runbox while we fight off this attack. We must not give criminals the power to decide which Internet services we use, or how, or when. It might be a bit bumpy, but we are confident that along with help from the authorities and our partners we will be able to fend it off.

If you are an email provider, or a provider of any online service, never give in to extortion. Doing so will only strengthen and embolden the criminals, and the next attack might be worse.

If Runbox is attacked how can I get information?

If Runbox is targeted again and appears to be unavailable, we will use our Support Center, Twitter page and a status page to post updates.

If you have any questions about this, please contact us via our Support Center.

11 thoughts on “DDoS Attacks on Runbox”

  1. “We must not give criminals the power to decide which Internet services we use, or how, or when.”

    “If you are an email provider, or a provider of any online service, never give in to extortion. Doing so will only strengthen and embolden the criminals, and the next attack might be worse.”

    Hear hear. Good luck guys, and well done on sticking to your position.

  2. I agree with an earlier comment that your transparency is to be commended. I’m glad I picked you for my email provider.

  3. I would like to thank Runbox for being pro-active in communicating with us in this way. I really appreciate it. Also for being an excellent solution when others are less secure and private.

  4. My son is a Cyber Security Analyst in the San Francisco area.Thesy experience these kind of attack almost on daily basis. Don’t pay them,and they will go away in time 😎😎😎

Leave a Reply

Your email address will not be published. Required fields are marked *