How do Forex brokers protect from DDoS attacks?

Along with huge companies, well-known brands, and popular websites, retail Forex brokers, especially MT4 ones, are also facing DDoS attacks daily.

Andrew Shoemaker, founder of DDoS testing company NimbusDDOS, has more than 20 years experience in the DDoS space. He’ll answer some of the most frequently asked questions that come to a broker’s mind when thinking of a DDoS attack and shed more light in the DDoS space.

Andy Shoemaker

LeapRate: What exactly is a DDoS attack?

A Distributed Denial of Service (DDoS) attack is a type of network attack intended to make an organization’s online resources unreachable to customers and legitimate users. Although these attacks have existed since the earliest days of the Internet, recent trends indicate the frequency of occurrence to be increasing at 100%-150% yearly.

LeapRate: Who is targeted by DDoS attacks?

All businesses can be targeted and impacted by DDoS attacks.  In recent years, the media has reported on well-known brands such as Sony, Microsoft, Visa and Bank of America as being targeted and disrupted by DDoS attacks.

Below are some specific high-risk flags:

  • High-risk industries (financial, healthcare, government, ecommerce, online media, gambling, adult entertainment)
  • Business revenue is closely associated with online presence (example: e-commerce company)
  • Businesses at risk of reputation damage
  • Well-known brands are often targets of extortion

LeapRate: Why do these DDoS attacks happen in the first place?

The primary motivation for attacks on forex markets is simple extortion. In my observations this accounts for the majority of attacks seen in the wild. Since the broker provides a real-time platform for the buying and selling of currencies, they have the same high level of risk often seen in ecommerce websites. Simply put, if the service is unavailable, then the broker loses money, so the broker has a strong motivation to pay. Aside from extortion, another motivation is for a broker to launch a DDoS attack against a competitor. This is less common is large brokers, and heavily regulated jurisdictions.

LeapRate: What do forex brokers do in the first place to provoke these attacks?

I think its not so much about provocation, but rather that attackers view them as an easy target. Specifically the MT4 brokers likely all suffer from the same challenges because their platform is built upon the same software.

LeapRate:  MT4 brokers are attacked quite often – How can forex brokers protect themselves?

The forex brokers tend to be more challenging to protect due to the design of the trading platform. Since you mentioned MT4, I’ll speak specifically about that. MT4 uses a proprietary communication protocol for the transmission of data between the trader and the broker. The issue with this is that most major cloud DDoS mitigation vendors are specifically built to protect the standard web protocols HTTP and HTTPS. The use of proprietary protocols specifically excludes many of these vendors. Additionally, since the communication between the trader and the broker is through an API, many of the common mitigation strategies used by mitigation vendors won’t work. For instance, a common strategy implemented by many mitigation vendors is to use a captcha, or a javascript challenge to separate legitimate traffic from bad. This isn’t possible with API traffic. Due to these limitations, most mitigation vendors will default to a simplistic source rate-limiting method which limits how much traffic can be sent from individual IP addresses. Forex brokers may be able to see some release by using on-premise DDoS mitigation hardware if their network connections are substantial. Alternatively, a cloud DDoS vendor that offers a BGP routed solution rather than a proxy solution may also work. The key to any solution selected is to test it for efficacy.

Related News

  • Kait.Daniel

    The best protection against any type of D DoS attack is to use a VP N. I use PureV PN for protection against DDoS attacks and it works good.

    • Andriy Moraru

      It does not look like you understand what you are talking about.

      • Edgum Brambtrelt

        Welcome to the leaprate comments section friend, I see you are new here.

        • Bob

          LOL. made me laugh.You win 3 internets.

  • Dan White

    Ha, a VPN is definitely not going to protect against DDoS attacks. Companies need to be offering risk assessments and testing, and run their network through a DDoS mitigation provider.


How do Forex brokers protect from DDoS attacks?


Send this to a friend

Subscribe to LeapRate
Fill out the form below for more information
for lising in LeapRate's Forex Yellow Pages

Please enter the company name, email address to reach you and phone # (optional):

Please fill out the message field to the right for any questions or special inquiry: