Finance Magnates recounts the dramatic events and provides a rare glimpse into the attack.
Is there a more distressing moment for content website executives than realizing they are under attack from a Distributed Denial of Service (DDoS) onslaught? Screens abruptly turn blank, analytics experience unnatural spikes, and the leadership is thrust into crisis management mode. Last month, one of the most well-known FX market websites, FXStreet, found itself caught in this very predicament.
The team was generous and open enough to share their story, shedding light on the decision-making process in such a sensitive situation and offering valuable tips to our readers.
The cyberattack on FXStreet on May 4 came at one of the worst possible moments, with the team gearing up to cover a top event for the month: the European Central Bank monetary policy decision. Although the DDoS attack wasn't a stranger to its IT team, attackers initially managed to bring the website down almost entirely.
But what is a DDoS attack? And why are financial services firms often become the target of such attacks?
Sensitive Case: DDoS in the Financial Space
DDoS attacks seek to interrupt the regular functioning of a website, web application, or web service through the utilization of unwanted traffic that often originates from a botnet consisting of numerous infected computers and devices.
These attacks have the potential to cripple entire infrastructures, with the objective of rendering the target's service inaccessible, resulting in significant harm to an organization. This harm can manifest in various ways, such as tarnishing its reputation, reducing revenue, and losing customers.
Financial services firms, including retail brokers and more recently crypto exchanges, are something of a hot target. Dealing with funds and investments in real-time, where outages can be especially damaging for clients, makes them especially attractive.
Brokers, or for that matter their service providers, compete in a saturated market where every reputational damage can have a long-lasting effect. This too may cause them to be all the more susceptible to succumbing to cybercrime threats.
In our years of coverage, we have also seen hackers act out of sheer revenge, turning out to be disgruntled or plainly defrauded past clients.
DDoS Attack on FXStreet
Back to the FXStreet headquarters in Barcelona: on May 4th, as analysts and other teams were getting ready for the start of the European session, FXStreet’s servers saw a surge of incoming requests equivalent to 120 times the normal traffic.
The site’s error rate increased sharply, meaning that much of the content of the website was suddenly unavailable for the audience, mainly traders who rely on FXStreet for their investment decisions.
The attack came along with a direct message on Twitter: "We’ve identified your site’s vulnerability (...) I can keep your site closed for months off." The anonymous sender asked for $5,000 to be paid to its Tether wallet to immediately to cease the attack.
Initial Response
"Paying the ransom was never an option," said Alain López, the Chief Technology Officer at FXStreet. It wasn’t the first time that López and his team had faced such a situation. The IT team quickly activated the mitigation plan against the attack, which is based on gradually increasing server instances to alleviate the strain on the system. After suffering the worst of the attack at around 08:15 am CET, FXStreet’s site started to partially recover from it.
But, the attack was far from over. A second surge of incoming requests came afterward and would have disrupted the site again had it not been for the team’s swift response. The plan bore fruit, and the impact on the site was minimal. "There were some minutes when absolutely nothing was working, but mitigation measures were fast and effective," López said.
However, these measures had to be bold at the beginning to ensure the attack was repelled as soon as possible. FXStreet blocked all incoming traffic from Russia, South Korea, China, and Brazil, among other countries, as they were identified as the primary origin of the cyberattack. This action was only a short-term solution as it came with a huge cost: leaving the FXStreet community from these countries unable to access the site. Some minutes later, the IT team was able to fine-tune its strategy by just blocking specific IP addresses, ending with the more-disruptive country block.
"The team was able to quickly identify the source of the attack and implement targeted measures against it," López said. "Everyone acted in a swift and coordinated manner, which was key to [restoring] the site quickly."
At around 09:00 am CET, the attack was considered mitigated. It carried on for a few more hours, but the site continued to function seamlessly and the coverage of the European Central Bank’s decision went smoothly.
Lessons Learned
"The key to successfully navigating a DDoS attack is to have updated cybersecurity systems such as Cloudflare, as they are able to provide crucial information in order to thwart the attack," López said. "The response has to be consistent with the level of the threat, and transparency is critical with the organization and its stakeholders."
During the most critical moments of the attack, the option of paying the ransom is likely to be considered. Accepting the demands of cybercriminals could solve the crisis in a matter of minutes, but is dangerous because it can lead to further attacks once the information spreads. No one wants to be on the list of easy targets for hackers.
The incident served as a wake-up call for everyone in the organization to realize that the threat of cyberattacks is constant. "It was a fresh reminder of the need to be on guard. No one is 100% safe from cybercriminals," López said.
Is there a more distressing moment for content website executives than realizing they are under attack from a Distributed Denial of Service (DDoS) onslaught? Screens abruptly turn blank, analytics experience unnatural spikes, and the leadership is thrust into crisis management mode. Last month, one of the most well-known FX market websites, FXStreet, found itself caught in this very predicament.
The team was generous and open enough to share their story, shedding light on the decision-making process in such a sensitive situation and offering valuable tips to our readers.
The cyberattack on FXStreet on May 4 came at one of the worst possible moments, with the team gearing up to cover a top event for the month: the European Central Bank monetary policy decision. Although the DDoS attack wasn't a stranger to its IT team, attackers initially managed to bring the website down almost entirely.
But what is a DDoS attack? And why are financial services firms often become the target of such attacks?
Sensitive Case: DDoS in the Financial Space
DDoS attacks seek to interrupt the regular functioning of a website, web application, or web service through the utilization of unwanted traffic that often originates from a botnet consisting of numerous infected computers and devices.
These attacks have the potential to cripple entire infrastructures, with the objective of rendering the target's service inaccessible, resulting in significant harm to an organization. This harm can manifest in various ways, such as tarnishing its reputation, reducing revenue, and losing customers.
Financial services firms, including retail brokers and more recently crypto exchanges, are something of a hot target. Dealing with funds and investments in real-time, where outages can be especially damaging for clients, makes them especially attractive.
Brokers, or for that matter their service providers, compete in a saturated market where every reputational damage can have a long-lasting effect. This too may cause them to be all the more susceptible to succumbing to cybercrime threats.
In our years of coverage, we have also seen hackers act out of sheer revenge, turning out to be disgruntled or plainly defrauded past clients.
DDoS Attack on FXStreet
Back to the FXStreet headquarters in Barcelona: on May 4th, as analysts and other teams were getting ready for the start of the European session, FXStreet’s servers saw a surge of incoming requests equivalent to 120 times the normal traffic.
The site’s error rate increased sharply, meaning that much of the content of the website was suddenly unavailable for the audience, mainly traders who rely on FXStreet for their investment decisions.
The attack came along with a direct message on Twitter: "We’ve identified your site’s vulnerability (...) I can keep your site closed for months off." The anonymous sender asked for $5,000 to be paid to its Tether wallet to immediately to cease the attack.
Initial Response
"Paying the ransom was never an option," said Alain López, the Chief Technology Officer at FXStreet. It wasn’t the first time that López and his team had faced such a situation. The IT team quickly activated the mitigation plan against the attack, which is based on gradually increasing server instances to alleviate the strain on the system. After suffering the worst of the attack at around 08:15 am CET, FXStreet’s site started to partially recover from it.
But, the attack was far from over. A second surge of incoming requests came afterward and would have disrupted the site again had it not been for the team’s swift response. The plan bore fruit, and the impact on the site was minimal. "There were some minutes when absolutely nothing was working, but mitigation measures were fast and effective," López said.
However, these measures had to be bold at the beginning to ensure the attack was repelled as soon as possible. FXStreet blocked all incoming traffic from Russia, South Korea, China, and Brazil, among other countries, as they were identified as the primary origin of the cyberattack. This action was only a short-term solution as it came with a huge cost: leaving the FXStreet community from these countries unable to access the site. Some minutes later, the IT team was able to fine-tune its strategy by just blocking specific IP addresses, ending with the more-disruptive country block.
"The team was able to quickly identify the source of the attack and implement targeted measures against it," López said. "Everyone acted in a swift and coordinated manner, which was key to [restoring] the site quickly."
At around 09:00 am CET, the attack was considered mitigated. It carried on for a few more hours, but the site continued to function seamlessly and the coverage of the European Central Bank’s decision went smoothly.
Lessons Learned
"The key to successfully navigating a DDoS attack is to have updated cybersecurity systems such as Cloudflare, as they are able to provide crucial information in order to thwart the attack," López said. "The response has to be consistent with the level of the threat, and transparency is critical with the organization and its stakeholders."
During the most critical moments of the attack, the option of paying the ransom is likely to be considered. Accepting the demands of cybercriminals could solve the crisis in a matter of minutes, but is dangerous because it can lead to further attacks once the information spreads. No one wants to be on the list of easy targets for hackers.
The incident served as a wake-up call for everyone in the organization to realize that the threat of cyberattacks is constant. "It was a fresh reminder of the need to be on guard. No one is 100% safe from cybercriminals," López said.
CFDs Traders on Now-Closed USG, TradeFred, and EuropeFX Lost US$51.7 Million
Executive Interview with Elina Pedersen | Your Bourse | FMLS:24
Executive Interview with Elina Pedersen | Your Bourse | FMLS:24
Executive Interview with Elina Pedersen, Chief Revenue Officer at Your Bourse at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Elina Pedersen, Chief Revenue Officer at Your Bourse at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Rauan Khassan | TradingView | FMLS:24
Executive Interview with Rauan Khassan | TradingView | FMLS:24
Executive Interview with Rauan Khassan from TradingView at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Rauan Khassan from TradingView at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Nadia Edwards-Dashti | Harrington Star | FMLS:24
Executive Interview with Nadia Edwards-Dashti | Harrington Star | FMLS:24
Fintech Talent in the UK: The Human Factor Driving Industry Change 🌟
What does it take to attract, retain, and upskill the best fintech talent in today’s rapidly evolving UK market? In this engaging interview, Nadia Edwards-Dashti, Chief Customer Officer at Harrington Star, explores the future of talent recruitment, the rise of sales roles, and how AI is reshaping the industry—without replacing the human touch.
#fmls #fmls24 #fmevents #recruitment #financialcareers
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Fintech Talent in the UK: The Human Factor Driving Industry Change 🌟
What does it take to attract, retain, and upskill the best fintech talent in today’s rapidly evolving UK market? In this engaging interview, Nadia Edwards-Dashti, Chief Customer Officer at Harrington Star, explores the future of talent recruitment, the rise of sales roles, and how AI is reshaping the industry—without replacing the human touch.
#fmls #fmls24 #fmevents #recruitment #financialcareers
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Roberto Politano | Finnovate Finance | FMLS:24
Executive Interview with Roberto Politano | Finnovate Finance | FMLS:24
Executive Interview with Roberto Politano from Finnovate Finance at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Roberto Politano from Finnovate Finance at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
#fmls #fmls24 #fmevents #cyptotrading #DigitalAssets #pepperstone
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
#fmls #fmls24 #fmevents #cyptotrading #DigitalAssets #pepperstone
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!