As the world of cryptocurrencies continues to grow exponentially, distributed denial of service (DDoS) attackers have a new set of targets, namely the exchanges that power cryptocurrency trades, as well as the computer systems used to ‘mine’ cryptocurrencies.
This is according to Bryan Hamman, Arbor Network’s territory manager for sub-Saharan Africa, who says that the cryptocurrency craze has attracted millions of people around the world.
“But unfortunately, it has also attracted the DDoS criminal underworld, as they look to cripple currency exchanges and potentially steal the valuable coins passing through these platforms.
“We see a number of worrying cases where DDoS attacks have disrupted the flow of trade on major cryptocurrency exchanges – including the likes of Bitfinex, Bittrex and Poloniex,” he says.
What are cryptocurrencies and blockchain technology?
Cryptocurrencies are essentially virtual currencies that enable individuals and businesses to store and exchange value, without the need for traditional money (so called ‘fiat currency’) and traditional banking infrastructure. While the most famous cryptocurrency is Bitcoin, there are a number of other similar currencies in circulation. They can be exchanged for fiat currency – like US dollars or Rand – on exchange platforms.
Bitcoin and its peers represent a radical departure from the traditional construct of money – which has always been tightly-controlled by national governments (via central banks and very influential monetary policies). Cryptocurrencies are entirely virtual, and completely borderless, while – to a large degree – remaining outside the ambit of policies and laws.
Cryptocurrencies like Bitcoin rely on blockchain technology to operate. To provide a succinct definition, blockchain is a decentralised public ledger that records transactions across multiple computers, so that there is no single record of any transaction. In this way, information is distributed across the network, meaning that nobody is able to tamper with the record of transactions.
Targeting exchanges
Towards the end of 2017, Bitcoin hit mainstream news headlines, surging in value to over $20 000 per ‘coin’. While it has since normalised back to roughly half of that value, the frenzy of excitement over Bitcoin saw many exchanges being flooded with traffic.
In fact, many of the exchanges struggled to handle the massive volumes of people looking to get into the Bitcoin craze. And to make matters even worse, DDoS attackers started to target these exchanges, placing even more pressure on the platforms.
Hamman explains: “DDoS attackers use malware installed on thousands – even millions – of different PCs and other connected devices, essentially hijacking their resources to flood a the targeted exchange’s servers with massive volumes of traffic.
“Just like a DDoS attack on any other organisation, these assaults can pull down an exchange’s online systems, bring workflow and mission-critical processes to a halt, disrupt the trades between users, as well as causing untold reputation damage for the exchange.”
Illegal mining.
“There is also another DDoS-type technique within the cryptocurrency ecosystem – one that’s even stealthier, and certainly more difficult to prevent – which is causing concern among the crypto community,” notes Hamman.
He explains the growing trend of cybercriminals installing crypto-mining tools on victim computers (instead of traditional DDoS malware). This allows them to hijack the resources and systems of the host computers, to power illegal cryptocurrency mining operations.
While the term ‘mining’ may be something of a misnomer, cryptocurrency mining refers to the act of verifying Bitcoin transactions on the network, adding public records to the ledger and ultimately making the records as accurate and indisputable as possible. As a reward for doing this service, miners receive a certain value of bitcoin, which is ‘unearthed’ by the system.
“While bitcoin mining has emerged as a very specialist field, and is of course perfectly legal, the problem we’re seeing is DDoS syndicates shifting their behaviour towards illegal bitcoin mining,
“This destabilises the cryptocurrency ecosystem in general, and raises concerns about using blockchain-like technology for other use-cases.”
Hamman is referring to the likes of blockchain-enabled smart contracts and supply-chain innovations which could radically change the way that business value chains and relationships are conducted in the future.
“It’s important for cryptocurrency exchanges and professional mining outfits to quickly get on top of the problem, with specialised DDoS prevention tools.”
He points to Arbor’s recent foiling of an attack of almost two terabytes per second, a massive traffic volume that would certainly crush the servers of any organisation that doesn’t have specialised DDoS defences.
“If virtual currencies are to truly reach mainstream adoption, and be accepted as an alternative currency to the US dollar and other major currencies, then the ecosystem will need to find ways to dealing with DDoS attacks,” Hamman concludes.