Bitcoin Exchanges Under Siege

Almost three out of four Bitcoin exchanges and related cryptocurrency sites have suffered a DDoS attack in the third quarter of 2017, said DDoS mitigation firm Imperva Incapsula in a report released recently.

The reason why attackers have shifted focus to Bitcoin sites isn't that hard to figure out. Since the start of the year, Bitcoin's price has exploded from $950 to over $17,000 this week.

As a hacker known as An0CBR told this reporter back in 2015, there's a flourishing underground market where Bitcoin site operators pay to take out their competition. With Bitcoin prices going through the roof, less scrupulous site operators would have most likely chosen to order DDoS attacks on their competitors in order to steal business away from those services.

Furthermore, we also can't rule out DDoS ransom demands, which in the past two years have gone through the roof, along with attempts to manipulate Bitcoin price.

Igal Zeifman, Director of Marketing at Imperva Incapsula, sees the shift toward the Bitcoin market as a natural shift from attackers, who "are drawn to successful online industries, especially new and under-protected ones."
DDoS capabilities are getting bigger

As for the rest of the quarter, the Incapsula report contains some significant developments. First and foremost, the company saw a rise in DDoS capabilities. The company detected more large-scale attacks in terms of packets-per-second but also traffic-per-second.

Imperva said it recorded over 144 DDoS attacks that blasted over 100 million packets per second (Mpps) at their targets in Q3, up from only 6 such attacks recorded in Q1 2017. The company says the largest DDoS attack it mitigated terms of sheer size peaked at 299 Gbps, and targeted its own IP ranges, in an attempt to down its systems.

A report from rival Cloudflare saw the same growth in attack size, with Cloudflare saying it often mitigates 400+ Gbps DDoS attacks at regular intervals.

Most DDoS attacks are now multi-vector
But the rise in DDoS capabilities wasn't the primary trend Imperva experts noticed. After adjusting their DDoS calculation algorithms, the company says that over 70% of today's DDoS attacks are multi-vector.
Multi-vector attacks are DDoS incidents where an attacker uses different protocols for the DDoS assault, such as SYN, TCP, UDP, ICMP, NTP, DNS, and others.

Attackers usually probe companies with multiple vectors in the beginning and then focus on the one that's most effective against a target's current defenses. Furthermore, attackers switch vectors at short intervals in case they want to keep DDoS mitigation teams on their toes and prolong the attack's efficiency before companies can track down the source and nature of attacks.

The 70% figure also means that most of these attacks are now launched from advanced botnets or DDoS-for-hire services that can handle multiple attack vectors, and not your do-it-yourself DDoS apps that someone can find to download on shady Internet sites.

Bleeping Computer

You Might Also Read:

Bitcoin: UK And EU Will Crackdown On Crime & Tax Evasion:

Bitcoin Just Isn’t Anonymous Enough:
 

 

« British Banks Are Hiding Cyber Attacks
Botnets Are Here To Stay »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

baramundi software

baramundi software

baramundi software AG provides companies and organizations with efficient, secure, and cross-platform management of workstation environments.

F-Response

F-Response

F-Response is a software utility that enables an investigator to conduct live Forensics, Data Recovery, and eDiscovery over an IP network using their tools of choice.

HID Global

HID Global

HID Global is a trusted leader in products, services and solutions related to the creation, management, and use of secure identities.

CERT NZ

CERT NZ

CERT NZ supports businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice.

Ignyte Assurance Platform

Ignyte Assurance Platform

Ignyte Assurance Platform™ is a leader in collaborative security and integrated GRC solutions for global corporations in Healthcare, Defense, and Technology.

Cyber Base

Cyber Base

Cyber Base is an Information Technology company based in Uganda providing software and hardware solutions to clients.

Center for Applied Cybersecurity Research (CACR) - University of Indiana

Center for Applied Cybersecurity Research (CACR) - University of Indiana

CACR serves Indiana and the nation by tackling cyber risk in research and other unusual environments through agile, holistic, principle-based cybersecurity.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Jerusalem Venture Partners (JVP)

Jerusalem Venture Partners (JVP)

JVP’s Center of Excellence in Be’er Sheva aims to identify, nurture and build the next wave of cyber security and big data companies to emerge out of Israel.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

11:11 Systems

11:11 Systems

11:11 Systems synchronizes every aspect of network services for your business. Build your network with the industry’s most trusted expert skills.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

GLIMPS

GLIMPS

GLIMPS-Malware automatically detects malware affecting standard computer systems, manufacturing systems, IOT or automotive domains.

CoGuard

CoGuard

CoGuard is a patented solution that uses AI driven automation to provide fast, cost effective white-box penetration testing, infrastructure audits and infrastructure design services.

Redport Information Assurance

Redport Information Assurance

Redport Information Assurance is an information assurance and cyber security solutions provider offering integrated business solutions for all levels of government.

Exertis Cybersecurity

Exertis Cybersecurity

Exertis Cybersecurity is a sub-division of Exertis Enterprise. We provide market-leading cybersecurity solutions that help to address the cybersecurity challenges that organisations face today.