Several crypto companies and media outlets suffered multiple DDoS attacks in November. The clear reasons for such attacks are unknown but it can be assumed that trespassers wanted to have some ransom from the companies or they simply don’t like crypto. CoinTelegraph was under attack along with several other companies, such as Kraken, Cryptsy, CoinDesk, CCN and others. It is obvious that all online businesses need to protect their sites from DDoS attacks. CoinTelegraph decided to share some tips on how to do it.
DDoS attacks are becoming more frequent as lots of crypto companies and media outlets work through the Internet without paying much attention to the protection of their servers. The easiest way to do that is to buy some anti-DDoS solutions, offered by many companies, such as CloudFlare or Incapsula. Bitcoin security expert Ivan Tikhonov told CoinTelegraph:
“There are lots of anti-DDoS services but they are paid. And people start rushing to get one only after they have suffered an attack and money loss. I think people should get such services in advance if they realize the risk of DDoS is high and the amount of potential loss exceeds the cost of protection”.
Another easy way to protect your site from DDoS is to publish all known information about the attacker in the net and assign a reward which exceeds the amount of required ransom. Ivan adds that “it often helps to catch the trespasser”.
However, Ivan thinks that the simplest way to stop DDoS attacks is to refuse to pay ransom:
“If you pay ransom, there is an extremely high possibility that attackers will double their efforts towards your site”.
DDoS are costly as well. And trespassers have no point in attacking your site constantly without getting any reward. They don’t like bearing losses, same as the owners of the sites under attack. Of course, it requires the owners to stand the attack for a period of time. And, in that case they should count their own potential losses thoroughly. This method will only work if the losses don’t exceed the amount of ransom or the cost of protection tools.
Roman Mandeleil, founder of hacker’s marathons, CEO of <ether.camp>, states that “there is no way to launch an attack without revealing your source IP so it can be identified at some point”. He also told CoinTelegraph:
“Most of the DDoS attacks can be blocked on the low infrastructure level: you just identify the IP patterns that are trying to swap you and cut them out. All you need is a smart tech guy”.