Distributed Denial Of Service Attacks In Cryptocurrency Exchanges
Information security is necessary not only in traditional transactions but also in cryptocurrency exchanges. One of the most common types of cyber attack is DDoS. Normally, three out of four cryptocurrency platforms are targets of DDoS attacks.
Crypto trading platforms vary in crypto-assets, trading volume, fees, and local legal system. Cryptocurrency exchange has experienced dramatic growth; however, these platforms have not kept up with the pace. This makes crypto trading a hub for hackers and fraudsters.
Distributed Denial of Service attacks (DDoS)
The following is one of the most notorious DDoS attacks in the world:
Bitfinex in Hong Kong:
At that time, Bitfinex was leading the market in terms of trading volume. In December 2017, it faced continuous attacks, which prevented it from operating normally.
“The cause is a DDoS attack. A person or group is intentionally trying to cause the platform to not operate normally. The level of DDoS protection is being adjusted to fend off the attack.” – Bitfinex (@bitfinex) December 04, 2017
In addition, Bitfinex faced an application-layer (Layer 7) DDoS attack. Bitfinex stated that it was a DDoS in the form of micro-deposits and withdrawals.
What is a DDoS attack?
A DDoS attack happens when a hacker maliciously tries to disrupt the traffic of a server, service, or network with a flood of internet traffic. Normally, when a website is hit by a DDoS attack, it suddenly becomes slow or unreachable. However, further analysis is needed to establish whether this is the result of a DDoS attack or only a spike in traffic. The following are typical signs of a DDoS attack:
- A flood of traffic originating from one IP address.
- Traffic from users sharing a similar profile in terms of device, location, or web browser version.
- A suspicious increase in access to one page.
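The three signs above can be checked mechanically over one time window of access-log records. The following Python is an added example, not code from the original article; the record layout, the thresholds, and the per-page baseline table are assumptions, and the sample data is constructed.

```python
from collections import Counter

def ddos_signs(window, baseline, ip_share=0.30, profile_share=0.50,
               min_ips=10, page_factor=5):
    """Check one time window of requests against the three signs listed above.

    window:   list of (client_ip, user_agent, path) tuples
    baseline: dict path -> usual request count per window (assumed known)
    Thresholds are illustrative assumptions; tune them on your own traffic.
    """
    findings = {"single_ip": [], "shared_profile": [], "hot_page": []}
    total = len(window)
    if total == 0:
        return findings

    # Sign 1: one IP address responsible for a large share of all requests.
    for ip, n in Counter(ip for ip, _, _ in window).items():
        if n / total >= ip_share:
            findings["single_ip"].append(ip)

    # Sign 2: many distinct IPs presenting the same client profile.
    ips_per_profile, hits_per_profile = {}, Counter()
    for ip, ua, _ in window:
        ips_per_profile.setdefault(ua, set()).add(ip)
        hits_per_profile[ua] += 1
    for ua, n in hits_per_profile.items():
        if n / total >= profile_share and len(ips_per_profile[ua]) >= min_ips:
            findings["shared_profile"].append(ua)

    # Sign 3: one page requested far more often than its usual volume.
    for path, n in Counter(p for _, _, p in window).items():
        if n >= page_factor * max(baseline.get(path, 0), 1):
            findings["hot_page"].append(path)
    return findings

# Constructed sample data (documentation address ranges, made-up user agents).
BASELINE = {"/": 20, "/markets": 20, "/login": 10}
QUIET = [(f"198.51.100.{i}", f"Browser/{i % 6}", ["/", "/markets", "/login"][i % 3])
         for i in range(30)]
FLOOD = QUIET + [(f"203.0.113.{i % 40}", "Bot/1.0", "/login") for i in range(200)]
ONE_IP = QUIET + [("192.0.2.7", "Browser/1", "/")] * 30

if __name__ == "__main__":
    for name, win in (("quiet", QUIET), ("flood", FLOOD), ("one_ip", ONE_IP)):
        print(name, ddos_signs(win, BASELINE))
```

A hit on any one sign is a reason to look closer, not proof of an attack: a marketing campaign or a price swing can produce the same spike on one page.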
There are 3 main types of DDoS attacks: volume-based attack, protocol attack, and application layer attack. Each type of DDoS attack targets a specific component of a network connection.
A network connection is described by the 7 layers of the OSI model:
- Layer 1: Physical layer
- Layer 2: Datalink layer
- Layer 3: Network layer
- Layer 4: Transport layer
- Layer 5: Session layer
- Layer 6: Presentation layer
- Layer 7: Application layer
Common types of DDoS attack
- Application layer attack (Layer 7 DDoS attack): The application layer attack is the most difficult one to defend against. It aims to exhaust the target’s resources to create a denial of service.
HTTP flood is a typical example of an application layer attack. This type of attack is called “flood” because it is like refreshing a web browser again and again on many different computers at the same time, which results in a denial of service.
- Protocol attack: It makes use of vulnerabilities in layer 3 and layer 4 to cause service disruption and make the targeted site inaccessible.
SYN flood is an example of a protocol attack. This happens when a large number of initial connection requests (SYN packets) are sent to the target. The target responds to each connection request and waits for the connection to be completed, but that never happens. Therefore, the target’s resources are exhausted, which makes the site unavailable.
- Volume-based attack: Using this method, attackers send massive amounts of traffic to the target.
DNS amplification is a popular example.
How to mitigate DDoS attacks?
To mitigate DDoS attacks, firms must carefully distinguish malicious traffic from normal traffic. In addition, an attack can target multiple layers of the network, which makes the mitigation process even more difficult.
The following are some popular solutions to DDoS attacks:
- Blackhole routing
- Rate limiting
- Web application firewall
- Penetration testing
The number of cryptocurrency exchanges is increasing rapidly, which leads to a rise in cyber security threats. Cyber-attacks cause substantial financial loss. Therefore, not only firms but also users should pay careful attention to security on cryptocurrency exchanges.