Why cryptocurrency is the newest DDoS battlefield
It is hard to pretend that cryptocurrency is still a niche fad. In January, James Altucher, entrepreneur and editor of the Altucher report, predicted to CNBC that cryptocurrencies will replace some or all paper money in the long run. He believes enterprises will eventually adopt the Bitcoin as the cryptocurrency begins to rise to prominence. And it’s not just finance and tech getting in on the cryptocurrency boom. Celebrities such as 50 Cent revealed recently that he had $7 million in Bitcoin that he plumb forgot about. Both those in the business and consumer world are paying attention to Bitcoin but the problem is, attackers are paying attention as well.
Cryptocurrency under attack
Back in December 2017 interview with CNBC, A10 Networks CEO Lee Chen predicted that cryptocurrency would find itself in DDoS attackers’ crosshairs as one of 2018’s biggest DDoS battleground. And according to Coin Telegraph, our CEO’s prediction is ringing true. Cryptocurrency exchanges are now the biggest worldwide DDoS target. In Q3 2017, 75 percent (or three out of every four) Bitcoin exchanges were hit with a DDoS attack.
Just this month, BitConnect, a cryptocurrency lending and exchange platform, announced it would shut down, and partially said a string of website paralysing DDoS attacks contributed to its closure. BitConnect isn’t alone. Other large exchanges, including Bitfinex and Bittrex, saw their services sidelined by DDoS attacks late last year. Yet none of these attacks were as massive as the one that hit Bitcoin Gold during its launch, which rendered the site inaccessible, as well as the takedown of the Poloniex exchange, which ground trading to a halt.
The main reason behind the spike in DDoS attacks against cryptocurrency businesses is simple: cryptocurrency is becoming more popular and more valuable. Attackers want to disrupt the high traffic sites and deny users access to services and their money and because trading happens in real time - any moment of downtime can be catastrophic. Additionally, coupled with cryptocurrency being decentralised and not tied to or backed by a government makes it an attractive target for attackers.
Defending against DDoS
Organisations must leverage the latest security solutions to stand up to DDoS attackers, and that goes double for cryptocurrency exchanges, which are currently prime targets. It’s imperative that companies leverage DDoS defence solutions that can detect, mitigate and report on multi-vector DDoS attacks of any size and any scale. And their DDoS defence solutions should have a built-in intelligence of known bots and agents to defend networks against current threats.
Hybrid protection is also key. Hybrid DDoS defence gives you the best of both worlds by combining cloud scrubbing with the surgical precision and context-aware controls of an always-on, instant on-premise DDoS solution. Hybrid DDoS protection works this way: when DDoS attack volumes grow beyond the capacity of your internet pipe, it diverts traffic to the cloud to maintain service availability. This ensures you can defend against frequent smaller and sophisticated attacks that target applications, services and security devices, and the colossal 1 Tbps volumetric attacks that crush companies.
Blending cloud and on-premise DDoS defence ensures network exhaustion and application layer attacks are caught, and it eliminates mitigation errors that cause collateral damage to legitimate traffic and users. So, whether you run a popular cryptocurrency exchange, a global enterprise, or are simply interested in cryptocurrency, by following hybrid cloud solutions you can be protected against modern multi-vector DDoS attacks of any kind and any size.
- » Why C-suite expertise does not always translate to InfoSec awareness
- » Organisations struggling to complete digital transformation initiatives – with revenues suffering
- » Why enterprises are losing by default to cybercriminals
- » Enterprises fail to achieve ‘transformational’ level of maturity for data and analytics
- » A guide: How to better manage your personal information