Solving the DDoS problem plaguing cryptocurrency exchanges

For a brief moment in time, life was golden in the world of cryptocurrency. Futuristic virtual currencies like Bitcoin had exceeded all expectations, going from confusing money-like concepts to powerhouse currencies hailed as disruptors thanks to their blockchain technology. Reporters swooned, and investors salivated. Soon even the Average Joe and his even more average friend Ted were wondering how they could get Winklevoss twin-rich with cryptocurrency investments. Yes, cryptocurrency had arrived and had done so with a level of fanfare that had gone unseen for quite some time. Like Jack Dawson, cryptocurrency was king of the world.

Too bad about that iceberg.

Exchange pain

It’s a predictable trend in the online world: when an industry gets hot and attracts a lot of traffic and attention, cybercriminals will be right in the thick of it, and they will be drawing a great big bullseye. In the case of Bitcoin and other cryptocurrencies, that bullseye was drawn on cryptocurrency exchanges, which are the platforms where customers buy, sell and trade cryptocurrencies.

While jaw-dropping cryptocurrency exchange hacks have certainly grabbed headlines thanks to the staggering figures involved ($350 million, for one hideous example), there is a much more constant and exhausting threat to cryptocurrency exchanges, and it is DDoS attacks. According to leading provider Incapsula, cryptocurrencies vaulted into the top ten most attacked industries in the third quarter of 2017, landing at number eight. This is a ranking that is very likely to rise.

Attack appeal

A DDoS or distributed denial of service attack is a cyberattack that takes a website, online service or platform offline by barraging it with the huge amount of malicious traffic that can be generated by a botnet – a network of devices that can be controlled remotely thanks to malware infections.

There are a number of reasons DDoS attackers are taking aim at cryptocurrency exchanges. On one end of the spectrum you have the attackers that target hot industries like cryptocurrency just so they can stand back and be entertained by the fallout in the mainstream media and on social media. Considering margin traders can potentially lose thousands of dollars if an exchange is down for even just minutes and they’re unable to make desired trades, that fallout will be fast and furious.

Close to the “doing it for the lulz” end of the spectrum are the attackers who do it because it’s easy. If a distributed denial of service attack is timed to coincide with a natural high-traffic event, such as when a cryptocurrency’s value spikes or bottoms out, all it could take is a nudge of extra malicious traffic to take the platform offline, and hey look, you’re the guy or gal behind a high-profile DDoS attack, and won’t your script kiddie buds be impressed.

At the other end of the spectrum you have attackers making money from their exchange assaults – professional attackers who have been paid to take aim at a specific exchange, perhaps on behalf of a competitor, and attackers who trade cryptocurrency and time attacks to hit just after they’ve sold their cryptocurrency at a high value. A cryptocurrency’s value can often plummet during an attack, allowing attackers to maximize their profits by buying up more cryptocurrency at the lower value and waiting for it to rise again.

Whatever the reason behind the attack, the result is the same: an exchange that’s unavailable to customers, and customers that are livid because of it and likely ready to take their business elsewhere. In the highly competitive cryptocurrency exchange industry, customer loyalty is everything.

Cryptocurrency considerations

For most industries, the answer to the DDoS problem is a basic one: get professional protection. However, while cryptocurrency exchanges certainly do need professional protection, not just any professional protection will do.

Here are absolute requirements for cryptocurrency exchange DDoS mitigation:

A virtually non-existent time-to-mitigation. How fast can a service respond? This will be set out in the SLA. In an industry where one minute of downtime matters, you need the fastest response possible. Industry leaders can clock in at under 10 seconds.

Intense scrubbing muscle. When attackers come for an exchange, they will likely do so with a powerhouse Internet of Things botnet consisting of hundreds of thousands of devices. An exchange’s DDoS protection needs scrubbing servers that can handle network layer attacks weighing in at 500+ Gbps with packet forwarding rates in excess of 150 Mpps.

Brains to go with the brawn. Application layer attacks don’t have to be big to be effective because they tend to be exceedingly clever. Cryptocurrency exchanges need DDoS mitigation with high-level traffic analysis that keeps even the craftiest legitimate-seeming attacks from touching the server.

Unimpacted user experience. A DDoS attack doesn’t have to take a site right offline to be effective. If an attack impacts the user experience at all, it has won. This can include site or service slowdowns or even annoying authentication requests like CAPTCHAs or identity-confirming emails. An exchange’s DDoS protection service needs to have a plan for preventing account takeover attempts that doesn’t irritate or delay legitimate users.

One more consideration for cryptocurrency exchanges should be load balancing to maintain site performance when natural influxes of traffic are occurring. For that reason, a global content delivery network or cloud load balancing with added DDoS mitigation might be the optimal solution.

Striking gold again

By eliminating downtime, exchanges will keep users happy, and that’s one of the biggest pieces of the puzzle when it comes to succeeding as a cryptocurrency exchange. With the right DDoS mitigation, cryptocurrency exchanges – and cryptocurrency in general – could be back to enjoying that spot up on a pedestal in no time.
