Bitcoin Exchanges Under Siege

Almost three out of four Bitcoin exchanges and related cryptocurrency sites have suffered a DDoS attack in the third quarter of 2017, said DDoS mitigation firm Imperva Incapsula in a report released recently.

The reason why attackers have shifted focus to Bitcoin sites isn't that hard to figure out. Since the start of the year, Bitcoin's price has exploded from $950 to over $17,000 this week.

As a hacker known as An0CBR told this reporter back in 2015, there's a flourishing underground market where Bitcoin site operators pay to take out their competition. With Bitcoin prices going through the roof, less scrupulous site operators would have most likely chosen to order DDoS attacks on their competitors in order to steal business away from those services.

Furthermore, we also can't rule out DDoS ransom demands, which in the past two years have gone through the roof, along with attempts to manipulate Bitcoin price.

Igal Zeifman, Director of Marketing at Imperva Incapsula, sees the shift toward the Bitcoin market as a natural shift from attackers, who "are drawn to successful online industries, especially new and under-protected ones."

DDoS capabilities are getting bigger

As for the rest of the quarter, the Incapsula report contains some significant developments. First and foremost, the company saw a rise in DDoS capabilities. It detected more large-scale attacks, both in terms of packets per second and in terms of traffic per second.

Imperva said it recorded over 144 DDoS attacks that blasted over 100 million packets per second (Mpps) at their targets in Q3, up from only 6 such attacks recorded in Q1 2017. The company says the largest DDoS attack it mitigated in terms of sheer size peaked at 299 Gbps and targeted its own IP ranges in an attempt to down its systems.

A report from rival Cloudflare saw the same growth in attack size, with Cloudflare saying it often mitigates 400+ Gbps DDoS attacks at regular intervals.

Most DDoS attacks are now multi-vector

But the rise in DDoS capabilities wasn't the primary trend Imperva experts noticed. After adjusting their DDoS calculation algorithms, the company says that over 70% of today's DDoS attacks are multi-vector.

Multi-vector attacks are DDoS incidents where an attacker uses different protocols for the DDoS assault, such as SYN, TCP, UDP, ICMP, NTP, DNS, and others.

Attackers usually probe companies with multiple vectors in the beginning and then focus on the one that's most effective against a target's current defenses. Furthermore, attackers switch vectors at short intervals when they want to keep DDoS mitigation teams on their toes and prolong the attack's effectiveness before companies can track down the source and nature of attacks.

The 70% figure also means that most of these attacks are now launched from advanced botnets or DDoS-for-hire services that can handle multiple attack vectors, and not your do-it-yourself DDoS apps that someone can find to download on shady Internet sites.
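
A defender-side sketch of the multi-vector pattern described above, as an added example that is not from the Incapsula report or the original article: it labels constructed flow records by vector, then reports per target whether the incident is multi-vector and how often the dominant vector changes between time windows. The record layout, the 100,000 pps floor, and the source-port heuristic for NTP and DNS reflection are assumptions made for this example.

```python
from collections import defaultdict

MIN_PPS = 100_000  # assumed per-vector floor; lower rates are treated as background

# Constructed sample: (second, target, proto, src_port, tcp_flags, packets_per_second)
FLOWS = [
    (5,   "203.0.113.10", "tcp",  40112, "S",   900_000),
    (20,  "203.0.113.10", "udp",  123,   "",    300_000),
    (30,  "203.0.113.10", "udp",  53,    "",     20_000),  # ordinary DNS replies
    (70,  "203.0.113.10", "udp",  123,   "",  2_500_000),
    (80,  "203.0.113.10", "tcp",  40113, "S",   150_000),
    (130, "203.0.113.10", "icmp", 0,     "",  1_200_000),
    (10,  "198.51.100.7", "tcp",  51000, "S",   400_000),
    (75,  "198.51.100.7", "tcp",  51001, "S",   450_000),
]

def classify(proto, src_port, flags):
    """Map one record to a vector label (heuristic assumed for this example)."""
    if proto == "tcp":
        return "SYN" if flags == "S" else "TCP"
    if proto == "udp":
        # Reflected traffic arrives *from* the abused service's port.
        return {123: "NTP", 53: "DNS"}.get(src_port, "UDP")
    return "ICMP" if proto == "icmp" else "OTHER"

def timeline(flows, window=60):
    """Per target: ordered (window_start, dominant_vector, active_vectors) tuples."""
    peak = defaultdict(lambda: defaultdict(int))
    for sec, target, proto, sport, flags, pps in flows:
        key = (target, sec // window * window)
        v = classify(proto, sport, flags)
        peak[key][v] = max(peak[key][v], pps)  # keep the peak rate per vector
    out = defaultdict(list)
    for (target, start), vectors in sorted(peak.items()):
        active = {v: p for v, p in vectors.items() if p >= MIN_PPS}
        if active:
            out[target].append((start, max(active, key=active.get), sorted(active)))
    return dict(out)

def summarize(flows, window=60):
    """Per target: vectors seen, multi-vector flag, dominant-vector switch count."""
    report = {}
    for target, steps in timeline(flows, window).items():
        seen = sorted({v for _, _, active in steps for v in active})
        dominant = [d for _, d, _ in steps]
        switches = sum(a != b for a, b in zip(dominant, dominant[1:]))
        report[target] = {"vectors": seen, "multi_vector": len(seen) > 1, "switches": switches}
    return report
```

Calling `summarize(FLOWS)` on the sample marks the first target as multi-vector with two dominant-vector switches, while the second target stays a single-vector SYN event.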

Bleeping Computer
