Riding the cryptocurrency wave: how DDoS attacks are threatening the future of money exchange
In the financial world, exchanges are very much like pants: they should never go down in public. This is especially true when it comes to the increasingly numerous exchanges for Bitcoin and other cryptocurrencies. The common occurrence of currency thefts and distributed denial of service (DDoS) attacks against these small startups have many of us wondering: just how resilient and practical are these coin markets?
Distributed ledger meets distributed attack
In a way, it’s no surprise that digital currency is particularly vulnerable to digital weapons. Bitcoin’s distributed ledger system – the blockchain – may in reality only be as strong as its weakest links: those myriad, competing, and vulnerable coin exchanges.
To continue the chain analogy, DDoS attacks would be the bolt cutters. For one reason, there is a burgeoning underground marketplace where the massive botnets which actually carry out the attack can be rented by the hour. Secondly, our growing consumer fondness for connected gadgets (like the latest IoT appliance) which value mobile app integration over security and privacy is adding new soldiers to the cybercrime armies that are attacking us. For proof, look no further than the newest strain of the Mirai botnet and its swarm of 100,000 hacked home network routers (and let’s not even get into all the sleeping kids you can watch due to unsecured webcams).
In truth, a cryptocurrency exchange hit with even half of that regiment would be overwhelmed by the attack traffic and respond too slowly to actual trading traffic that it would be unusable. Actually, we should say, unusable to the traders on the exchange. DDoSing a coin exchange is a popular way for hackers to generate revenue from the price differences between the attacked exchange and others which are running smoothly.
By slowing down a specific exchange, the trading volume is kept artificially low, keeping cryptocurrency prices low in turn. Hackers then swoop in to buy the undervalued coins on the targeted exchange and then immediately sell them on one of the unaffected exchanges. Since cryptocurrency prices have been on a long upward trend (like Bitcoin, which recently passed the $11,000 mark), this scheme is close to foolproof. Cyber criminals aren’t fools, as demonstrated by their disruptive DDoS attacks against the Bitfinex exchange and the Bitcoin Gold fork.
Safe enough for you?
All of this raises serious questions about how much trust we should put into these cryptocurrency markets.
How safe or practical of an investment can Bitcoin and others be if your ability to buy and sell it is at the mercy of cyber thugs? If your exchange is attacked, your coin investment loses almost all of its liquidity during the attack. On the other hand, if you’re executing a longer term strategy, then you could probably patiently wait out the attackers and make your trades after the attack is over.
What if the Bitcoin bubble bursts and you want to sell off your coin, but are unable to do so because the exchange you’re on is slowed to a halt by a DDoS attack? In that case, you’re stuck hemorrhaging money because you can’t sell off your rapidly depreciating coin assets fast enough. Buying high and selling low is never a winning strategy.
The ongoing threat of DDoS attacks will have to be mitigated in order for cryptocurrencies to gain wider adoption going forward. Longer-term stability and ecosystem resiliency can’t be overlooked any longer, because these new crypto coins are like their physically minted counterparts: they’re only good if they can actually be used for things like buying a belt for those pants.