For as diverse a group as entrepreneurs, business owners and investors can be, there’s something almost every single one has in common. No matter where they live in the world, what age they may be, or where their interests may lie, everyone wants to make it big on the internet. To be at the forefront of the next emerging online sector is the dream of every would-be titan of industry.
Take it from the cryptocurrency industry, however: there is bad with the good. Towards the end of 2017, Bitcoin and its ilk rocketed up every major trend list. Unfortunately for cryptocurrency, this included the list of industries most targeted by DDoS attacks. As much as it may seem like these ubiquitous attacks are being fired indiscriminately all over the internet, they aren’t. Certain industries are getting hammered, and as the Global DDoS Threat Landscape Report from the fourth quarter of the 2017 can attest, cryptocurrency is climbing those ranks.
A rising industry
For those who pride themselves on being in-the-know, cryptocurrency is nothing new, but it flew under the radar in terms of mainstream awareness until partway through 2017 when it blew up like a supernova, hailed as a disruptor and becoming a must-have investment for everyone from margin traders to your next-door neighbor who last invested in Hummel figurines.
By no coincidence, DDoS protection provider Imperva Incapsula saw cryptocurrency enter the list of top 10 industries most targeted by distributed denial of service or DDoS attacks in the third quarter of 2017, making its debut at number eight. As cryptocurrency gained popularity, so too did it grow as a target for attackers. In the fourth quarter of 2017 it rose all the way to the fifth most-targeted industry in the Incapsula DDoS Threat Landscape Report.
As number five on the list, cryptocurrency joins such constantly-targeted industries as internet service providers, online gambling, IT and software and online gaming, and actually surpasses the finance industry.
Disrupting the disruptor
There’s a range of reasons the cryptocurrency industry has become so beleaguered by distributed denial of service attacks. Some are solely related to the industry’s status as the hot new thing, making it an attractive target for DDoSers that simply like to rabble rouse – to shut down what many see as an essential service and then sit back and watch the screeching fallout on social media, or to attackers who know sudden growth means an industry is generally unprepared and under-protected when it comes to these attacks. Platforms like cryptocurrency exchanges are made extra vulnerable by the stress of natural influxes of traffic, such as the ones that accompany rising or plunging currency values or an initial coin offering.
However, while the attacks on cryptocurrency exchanges have certainly intensified with the industry’s growing popularity, some of the reasons this industry is so heavily assaulted are ones that have made cryptocurrency exchanges an obvious target since 2009 and will continue to make them a target for as long as cryptocurrency exchanges exist.
The enduring vulnerability of cryptocurrency exchanges is illuminated in a study published in the Journal of Cybersecurity in June of 2017 that delves into the impact of DDoS attacks on Bitcoin exchanges, namely the now-defunct Mt. Gox. The study posits that cryptocurrency exchanges may be targeted by DDoS attacks because there is such a high level of competition between exchanges, and service disruptions caused by these attacks may lead to users turning to alternative platforms. The study also points out that attacks may be used to create favorable trading conditions for attackers, allowing them to buy and sell at their preferred values while blocking other traders.
The study analyzed millions of transactions that were publicly released after the collapse of Mt. Gox and found that DDoS attacks did, in fact, negatively impact the exchange’s business. Following confirmed and reported DDoS attacks, there was a significant reduction in the number of large trades made on Mt. Gox. Considering security events like DDoS attacks increase the chances of a failed transaction – including the possibility that the entire value of the transaction may be lost – it makes sense that traders would be wary of large transactions after a service disruption.
Though Mt. Gox ultimately shut down after a total of 850,000 Bitcoin went missing (approximately $450 million USD at the time), DDoS attacks played a major part in Mt. Gox going from the number one exchange in 2011 to nonexistent in 2014. After a total of 34 reported DDoS attacks on Mt. Gox in 2012 and 2013, four other cryptocurrency exchanges overtook it in market share. This was the beginning of the end for what was once the biggest cryptocurrency exchange in existence.
A problem to be solved
The answer to the DDoS problem for cryptocurrency exchanges lies in professional DDoS protection designed to preserve uptime for services that always need to be available. This means highly scalable, always-on protection with leading traffic analysis and a time to mitigation that clocks in under 10 seconds. Anything less and it’s angry traders losing out on thousands of dollars in a matter of seconds and an exchange losing out on an untold number of transactions as a result, with an ever-increasing number of competing platforms ready to scoop up that market share.
However, while cryptocurrency exchanges will remain a major target for many reasons, as the industry’s popularity eventually fades from white-hot to a steady red, there’s a good possibility it will drop a few spaces down the list of most-targeted industries. Not because trading conditions can no longer be manipulated or exchanges become less competitive, but because there will assuredly be a hot new industry that’s over-exposed, under-protected and ready to take cryptocurrency’s place on the charts. Unless, of course, that industry can learn its lesson from cryptocurrency.