At this point in the cryptocurrency industry, Distributed Denial of Service (DDoS) attacks have gone from a worst-case scenario during ICOs and peak trading periods to almost a point of pride for exchanges. After all, anyone who’s anyone in cryptocurrency exchanges is getting smashed with DDoS attacks. Just look at Bitfinex, or Poloniex, two of the largest and most popular cryptocurrency market platforms in the world who were both hits recently by DDoS attacks and suffered massive losses.
The truth of the matter is that the reputational damage a successful DDoS attack can inflict outweighs the warm fuzzy feeling any exchange owners might get from knowing they’re important enough to the market to get targeted.
To that end, here are the three must-haves for DDoS mitigation for cryptocurrency exchanges.
Smart Traffic Inspection
One of the things that makes inflicting a DDoS attack on a cryptocurrency exchange so easy for attackers is the huge bursts of natural traffic exchanges regularly experience. ICOs and favorable trading conditions attract traders in droves, and all an attacker needs to do is aim a blast of traffic at the already stressed exchange server and more often than not, a distributed denial-of-service attack succeeds.
A DDoS mitigation service needs to boast granular traffic analysis as well as deep packet inspection in order to block the often craftily disguised DDoS traffic while ensuring traders and other legitimate visitors can access the exchange and their wallets without any delay. There’s no point blocking a DDoS attack if it’s going to block legitimate users as well.
The Fastest Possible Response (guaranteed)
For traders, a matter of seconds can be a matter of big money. Your exchange cannot lag, nor can it glitch for even a moment if you’re going to keep your users happy. This means a DDoS attack cannot succeed for even one second, which in turn means your DDoS mitigation service needs to be able to detect and react to attack traffic as quickly as is currently possible.
Cryptocurrency exchanges need to accept nothing less than a time to the mitigation of 10 seconds or under, and this time to mitigation needs to be guaranteed right in the service level agreement. If you get 10 seconds or less guarantee, you can likely count on your mitigation to kick in within one or two seconds of the first trickling of attack traffic. If you can’t get fast time to mitigation in writing, you probably won’t get it when you need it.
Robust Processing Power
We’re conducting business in the age of the IoT botnet, which means we’re conducting business in the age of the unfathomably large DDoS attack. When researching DDoS mitigation providers for a cryptocurrency exchange, be sure they have a network of data centers and scrubbing servers that are 1) global and 2) capable of processing at least 500 Gbps. Anything less than that and it frankly is not a service designed to protect an exchange attracting any significant amount of traffic and attention, which is exactly the kind of exchange that needs to worry about DDoS attacks.
Swatting The Flies
As cryptocurrency continues to grow, it will continue to be found at the epicenter of many types of cybercrime. For exchange owners, this means they will be tasked with continuously swatting away DDoS attack attempts like they’re pesky flies at what would otherwise be an enjoyable and profitable picnic. Point of pride or not, handling this distributed denial of service attacks is best left to the professionals. So long as the professionals tick the boxes on the three must-haves listed above.