Chennai-based online productivity and SaaS company Zoho said that it has become subject to a cyber attack that began on Wednesday, following which the attackers issued threats and attempted blackmail.
The hackers used a distributed denial-of-service attack (DDoS) type of attack to flood Zoho’s servers with requests from multiple sites, with the intend to make the company’s services unavailable to customers.
Zoho, which makes products that compete with Salesforce, Google and Microsoft globally. The email service of Zoho is considered so secure that the National Security Agency, the tech spy agency of the US government found it difficult to crack, according to leaked documents by Edward Snowden, the German newspaper Des Spiegel said in January.
Zoho has informed users that their data is secure, but cannot be accessed reliably due to the crowd created by the attack on its networks.
“Companies like us, that have offered services accessed through the internet for many years, carefully prepare for and expect these attacks. But the attacks are getting worse and more sophisticated,” said Vijay Sundaram, Chief Strategy Officer at Zoho, wrote in a blog post.
Zoho said it has contacted law enforcement agencies to find and mitigate the attack, however, the Indian cyber security cell hasn’t received any notification of the attack.
"Zoho has not reported this incident to us. If they do, we will collaborate with global CERTs to identify the threats and advise on mitigating the DDoS attack," said B.J. Srinath, Director General of Indian Computer Emergency Response Team (CERT-in) . "If required, we will also get police to investigate with our help the attack and identify the perpetrators. We also give technical help to them".
This attack is focused on denying access since it targets the network connections to our servers. All your data are sound and secure, but unfortunately you cannot access it reliably. This is like a crowd of people standing around the entrance to your bank, preventing your entry. Your money is in there and safe, you just can’t get at it until we have them all moved, said Sundaram in his blog.