Cryptocurrency sites hit hard by DDoS in Q4 2017

Imperva has released its Q4 2017 Global DDoS Threat Landscape Report and key findings reveal that the cryptocurrency industry continued to draw the attention of DDoS offenders, ranking as the fifth most attacked industry during the quarter alongside some of the more regular attack targets.

Imperva says that the increase in attacks against bitcoin-related sites is likely linked to a growth spike experienced by the industry late last year when cryptocurrency prices reached an all-time high. As prices have since subsided, it will be interesting to see if the overall number of attacks declines as well in the coming months.

Igal Zeifman, security evangelist at Imperva, said: “In the second half of 2017 the cryptocurrency industry became an attractive target for DDoS attacks, now ranking as the fifth on the most attacked list. While it hard to know for sure, it is likely that many of these attacks were driven by the accelerated financial growth the industry had experienced in the last month of the year. This, together with the resulting media coverage, likely drew the attention of bad actors. Another contributing factor was likely the relative lack of security readiness of the young industry, that has been flourishing in an accelerated pace and hasn’t had time to adequately address the security concerns that come with that growth. Whatever the reasons are, data collected by us in the last six months of 2017 shows that attacks against crypto industry are now the new norm. ”  

Application Layer Attacks Double, Assaults Become More Persistent

The report also revealed that the number of application layer attacks nearly doubled in Q4 2017, just as the number of network layer assaults declined.

This quarter, Imperva saw a spike in the number of application assaults, which increased 43 percent over their Q3 levels. Network layer attacks, on the other hand, fell by more than 50 percent since last quarter. In the case of network layer attacks, the number of repeat DDoS assaults went up to 67.4 percent, compared to 57.8 percent in Q3. However, the average number of attack decreased, as most of the repeat assaults consisted of two to five bursts.

Interestingly, even as the number of application layer assaults went up and network layer attacks decreased, both became more persistent. Imperva’s data shows that 63.3 percent of application layer DDoS targets were subjected to repeat attacks, up from 46.7 last quarter. The increase in attack persistence reflects the growing ease with which bad actors can launch multiple DDoS attacks. Today, even if a mitigation service is able to deflect an initial attack, perpetrators have every reason to try again and again, until they take down their target or grow bored and move on