Bitcoin’s cyberattack problem
By Benjamin Stone
Though 2018 is still wet behind the ears, it's already shaping up to be the year Bitcoin and other cryptocurrencies go mainstream. What was once a topic limited to tech geeks and obsessive investors is now something being discussed by your friends at the gym and Googled by your dad after it shows up in an episode of The Big Bang Theory.
By Benjamin Stone
As a result, people without much knowledge of the intricacies of the online world are getting themselves a Bitcoin wallet. However, while Bitcoin is being touted as the hot new way to make a buck, what many of these investors don’t understand are some of the less publicized risks that can stem from the digital nature of these currencies, ones that potentially make Bitcoin and other cryptocurrencies a bigger gamble than even some of the most volatile investments. While Bitcoin exchange hackings have steadily made the news, DDoS attacks have caused lower-key havoc, but it’s havoc nonetheless.
The basics of Bitcoin
There are three main things that sets Bitcoin apart from, well, standard currencies. The first is that Bitcoin is a fully digital currency. This means no bills, no change, nothing tangible. It exists virtually, which is to say online.
Secondly, Bitcoin is a decentralized currency, which means it’s in no way linked to companies or entities like banks. Not only does this eliminate banking fees and allow users to remain in charge of their own financial activity, but it also protects Bitcoin from the kind of financial crises that can affect traditional banks. (Remember the 2009 recession?)
Thirdly, Bitcoin is a truly global currency. A Bitcoin is a Bitcoin is a Bitcoin, worth the same in Ohio as it is in Uganda. This removes all barriers from fund transfers and makes those transfers nearly instant.
There are certainly benefits to Bitcoin and other cryptocurrencies, even without the impressive sums some savvy investors are reaping, but some of the risks will have the average investor wondering what they’ve gotten themselves into.
Value-tanking DDoS attacks
While hacks causing millions of Bitcoins to go missing are understandably attention-grabbers, and there have been plenty, there’s another insidious risk to cryptocurrencies and their exchanges: DDoS attacks. These are attacks that leverage the collective computing power of a network of hijacked computers and other devices to take a website or service offline. For the average website, this is a massive problem that can cause lost revenue, user frustration and loss of loyalty, as well as hardware and software damage. For a Bitcoin exchange, where Bitcoin is bought and sold, it can be even worse.
When an exchange goes down, users are unable to access their Bitcoin wallets or accounts. To begin with, this is irritating, and it can undermine user confidence in an exchange’s ability to protect their investments. Worse yet, being unable to access Bitcoin wallets means users are unable to buy or sell Bitcoin. So, while Bitcoin value fluctuates, users are stuck watching it happen with no ability to capitalize on advantageous situations or mitigate their losses. This unrest is going so far as to actually affect the value of Bitccoin, with what appeared to coordinated DDoS attacks on some of the biggest Bitcoin exchanges in the world, tanking the value of Bitcoin by $2,000.
The Bitcoin bullseye
According to Incapsula, professional providers of DDoS protection, 74% of all Bitcoin exchanges or related websites were hit with a DDoS attack in the third quarter of 2017. According to Incapsula, this spate of assaults vaulted the cryptocurrency industry into the top 10 most-targeted industries for the first time, landing at number eight alongside bullseyes like online gaming, internet services and retail.
There are a few main reasons Bitcoin exchanges are being increasingly targeted by these attacks. The first is that Bitcoin exchange operators often take aim at each other, seeking to undermine user trust and loyalty to lure those disgruntled users away from a competitor.
Then there’s the opportunity attacks. Since DDoS attacks have been shown to affect the value of Bitcoin, some attackers are using them to make big money. These attackers wait until Bitcoin reaches a high value, sell their coins, lash out with high-profile DDoS attacks to destabilize the currency, watch while users panic-sell and the value drops, and then buy up a bunch of coins again and repeat the process.
Lastly, some attackers simply love a new challenge that’s going to get them big results in the form of attention and outcry. Bitcoin is hot, and attackers simply looking to cause chaos are seeing a big return on investment for their attacks on exchanges.
The importance of protection
Bitcoin is undoubtedly going to keep growing as more and more people hop aboard the cryptocurrency train. This means the popularity of DDoS attacks against cryptocurrency exchanges is going to grow, as are the potential consequences.
Not only do exchanges need professional DDoS protection, they need protection that gets to work as quickly as possible when attack traffic begins – under 10 seconds would be optimal. Protection with a high capacity to handle massive volumetric attacks is also necessary, as is sophisticated traffic filtering that protects against clever application attacks without affecting legitimate traffic with false positives.
If 2018 holds up as the year cryptocurrency goes mainstream – and every indication is that it will – then it will also be the year that DDoS attacks go even more mainstream as well as every average Joe who invested in Bitcoin ends up discussing these attacks while standing in line at Starbucks. If exchanges can’t get it together on premium DDoS protection, before long Sheldon will be cracking DDoS jokes on The Big Bang Theory. Help us all.