fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Tutanota Encrypted Email Service Suffers DDoS Cyberattacks

Tutanota Encrypted Email Service Suffers DDoS Cyberattacks

Encrypted email service, Tutanota has experienced a series of DDoS attacks this week, first targeting the Tutanota website and further its DNS providers.

This had caused downtime for several hours for millions of Tutanota users.

The outage was further exacerbated by the fact that different DNS servers continued to cache the incorrect entries for the domain.

Tutanota is a German provider of end-to-end encrypted email service with over 2 million users. The company is frequently cited alongside popular encrypted email providers like ProtonMail.

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

First DDoS Attack

DDoS attacks directly targeting Tutanota surfaced on the weekend before September 14th.

This incident caused issues for a few hundred users, but was remedied shortly by restricting an “overreacting IP-block” responsible for the attack.

“This weekend continuous DDoS attacks and an infrastructure issue led to [downtimes] for hundreds of users. While we were able to mitigate most of the DDoS, an overreacting IP-block to fight the attacks led to hundreds of users not being able to access Tutanota for multiple hours this Sunday,” stated Tutanota in a blog post.

The post further boasted of the many anti-DDoS measures and improvements the company has implemented which should make it quicker to remediate any future disruptions that may arise from DDoS attacks.  

“In general, despite the setback on Sunday, our DDoS mitigation has improved a lot. We are now able to mitigate most attacks within short times,” read the post.

Attackers Further Strike DNS Providers

Rather than focusing on bringing down Tutanota’s servers directly, the attackers decided to employ alternative means.

The second iteration of the DDoS attack hit the DNS provider which hosts records for Tutanota.

“As a result these providers went down. We quickly tried to update our DNS records and host them at another provider. This did not work initially because the DNS entries got locked at one of the DNS hosting providers,” states the company in another post.

The fact the DDoS attacks brought the DNS providers down made it challenging for the company to change DNS records midway. This left millions of users without access to their Tutanota accounts:

“Because we couldn’t change the DNS entries for our domain, Tutanota was inaccessible for millions of users around the world for most of Wednesday night.”

Also Read: MAS Technology Risk Management Guidelines

“Direct Attack” on our Freedom and Privacy

Tutanota’s co-founder Matthias Pfau told BleepingComputer, “This is a direct attack on our freedom and our right to privacy. With Tutanota we provide a secure communication tool to millions of users around the world, also to activists and journalists. These constant attacks against Tutanota seem to have only one aim: To stop citizens from using encrypted email.”

As soon as the circumstances permitted, Tutanota’s administrators were able to re-map the DNS entries for the domain to another DNS provider which could withstand the continued attacks.

The company confirmed that the service to their email service had been restored as of Thursday, September 17th at 7:30 CET.

Because of the intermittent outages, however, several emails sent to Tutanota’s users may have not been delivered and bounced back to the sender.

Tutanota reassured its users that no user data was compromised and that the end-to-end encrypted nature of the service makes it impossible for even the company to access the data.

“As we are improving our own DDoS mitigation system, the attackers seem to look for other targets to harm us”, says Pfau. “As we are a privacy-focused service, using a mitigation service that requires our SSL key for their service is not an option for us.”

“That’s the challenge of building a secure and privacy-respecting email service. But we’ll achieve this, just like we’ve managed to not use any Google services like Google push for our Android app.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us