Bitcoin sites join online gambling on top DDoS hit list


bitcoin-online-gambling-ddos-attacksOnline gambling sites remain the top targets for distributed denial of service (DDoS) attacks, but Bitcoin exchanges are increasingly finding digital bulls-eyes on their backs.

This week, cyber security software and services outfit Imperva released its Global DDoS Threat Landscape Q3 2017 report, detailing the targets and methods of the digital miscreants who bombard websites with data, sometimes seeking a ransom payment to stop the attack, other times to hobble a competitor.

As one might expect from previous reports of this type, Imperva found that over one-third of network layer attacks targeted online gambling sites and related services. Gambling topped all other industries with 34.5% of attacks, while gaming sites scored 14.4%, and internet services – including business process outsourcing companies working for gambling operators – ranked third with 10.8%.

The attacks on gambling operators and related services contributed to what Imperva called the “atypical” appearance of both Taiwan and the Philippines on the list of Top Attacked Countries, reportedly the result of some “large campaigns” targeting Asian-facing gambling operators.

That said, it remains to be seen how long the gambling/gaming world can retain its dubious DDoS crown. This year’s dramatic rise in the price of Bitcoin led to what Imperva called attacks targeting a “relatively high number of cryptocurrency exchanges and services.”

Imperva reported that nearly 74% of all Bitcoin sites using its services suffered some form of DDoS attack during Q3. While the overall number of such sites remains miniscule compared to sites in the other major categories, Bitcoin sites nonetheless ranked eighth on the targeted industry chart with 3.6% of attacks.

Imperva changed many of its reporting criteria this quarter, making year-on-year or sequential comparisons problematic. But the company noted that DDoS attacks continue to ramp up in both duration and intensity.

DDoS attackers are more frequently targeting the same sites, with nearly one-third of network layer targets hit more than 10 times in Q3, while 16% of application layer targets were exposed to six or more attacks.

The past 12 months have witnessed the emergence of significantly more powerful botnets, including some that harness unsecured Internet of Things devices, while the latest threat involved malware hidden in hundreds of mobile apps that commandeered 70k Android phones around the globe. Let’s be careful out there, people…