As an Indian bitcoin exchange found itself under DDoS attack, the attack has no sign of stopping anytime soon. Coinsecure found a spike in traffic where they noticed the amount of connections trying to get to the web site was interrupting exchange action. This led to delays in transactions when it comes to API calls.
The bitcoin exchange disclosed the reason behind the delays by pointing it to a DDoS attack which affected the website, API and the app on the Android phone.
Websites and Bitcoin exchanges are common targets for DDoS extortionists who wish to obtain bitcoin in form of ransom and this is why it is crucial for financial institutions to seek DDoS protection. 2017 is predicted to be a year where DDoS attacks are expected to grow with IoT devices and AI helping attackers plan attacks on major financial companies.
In the past, Bitcoin exchange in Thailand also faced a DDoS attack around November of 2015 from a different attacker seeking bitcoin. The extortionist in the case of CCN was requesting 2 bitcoins. The attacker was ignored by the company where the company offered up to 5 BTC for anyone to provide information on the attack.
Bitcoin value continue to go up and at that time in 2015, it was trading near $500. As the value of the cryptocurrency continues to grow, websites and bitcoin companies are a major target for attackers who wish to obtain bitcoins in exchange.
The most recent examples of DDoS disruptions could apparently be new wave of attacks targeting bitcoin websites. Last week, European bitcoin and altcoin exchange BTCe was additionally targeted, causing temporary disruption of exchange. CCN was likewise the goal of a DDoS attack last week. Temporary disruption was seen for few hours before the attacks were mitigated.
A survey undertaken B2B International and by Kaspersky Lab has shown that, generally, a DDoS attack is just the tip of the iceberg. Purposeful efforts to divert IT employees, although occasionally these aren’t coincidences. This strategy was called DDoS smokescreening.
In the survey, respondents frequently mentioned malware (21%) and hacking (22%) as the number one risks to their businesses, while DDoS was selected as the most serious hazard by just 6%. Data leaks were additionally found concurrently with an assault in 26% of instances.
Yet, even without taking collateral damage into consideration, DDoS attacks remain a serious issue that increasingly influences business resources. Especially, in 24% of all instances services were caused by a DDoS attack to be totally unavailable (39% for government-owned businesses). Due to such assaults, some trades failed in 34% of all instances (64% for transport companies). This past year, these amounts were lower: just 13% of businesses reported that their services had become totally unavailable due to DDoS attacks, while 29% of businesses as an outcome of such assaults experienced mistakes in trades.
“It’s natural that DDoS attacks are increasingly causing businesses difficulties. Techniques as well as the procedures used by offenders are evolving, with attackers trying to find new means of ‘freezing’ their casualties’ operations or masking intrusion in their systems. Despite a sizable staff of IT professionals it is nearly impossible for businesses regain their services independently and to manage a serious DDoS attack. Also, if other malicious action is happening at the exact same time, the damage is multiplied by this.
According to Kaspersky Lab, the best countermeasure against multi-vector attacks is all-inclusive protection that supplies security against DDoS attacks, intrusions and malware all at the exact same time.