Since Saturday morning Crowdestor investors are having trouble accessing their accounts. After the initial panic reaction, so common after recent events with P2P platform scams, the company justified the event with a concrete DDoS attack. Today they announced the transition to Amazon Web Services and additional measures to avoid this to repeat in the future.
Crowdestor: A Target?
Recently I shared how Janis Timma is among the most engaged and ambitious P2P platform CEOs in the industry, aiming to building the leading business crowdfunding platform in Europe. This type of ambition drives competition and sometimes attacks.
Performing a DDoS attack is not really a domain of stupid people. The way these attacks are usually performed is through an agent taking over a significant number of computers (probably through a computer virus) and generates a command to create requests to the website. The massive inflow of requests makes the targeted website unresponsive. At the same time, this type of decentralized attack makes it very hard to assess the source from where the attack originated.
It is important to have a website hosted in a reliable provider. The fact that Crowdestor was not able to fight this type of attack is a warning to all investors regarding the importance of a strong IT team in the platform they invest in. The response time of Crowdestor, due to the circumstances was fast, however, investors that are prone to panic have faced a terrible couple of days.
Crowdestor announcement of moving to Amazon Web Services is a positive one. I know there is a cost involved, but from security, scalability, uptime point of view, this is the way forward.
Crowdestor: A Lesson Learned?
Clearly Crowdestor needs to improve its crisis management, in special on the side of investor communication. Investors most of the time are simply crazy and will panic if not informed.
But I must highlight the upfront approach in the available updates and congratulate the team for the fast migration to AWS. They will need some more time to adjust everything, but I’m not worried about the platform. It will be good for Crowdestor to try to find the reason behind this attack and share their conclusions with investors. This is the type of attack that does not give the attacker any gain, only disturbs the service, so why?
Update 31 July 2020
What do you think of Crowdestor response?
Again, Crowdestor is among my guilty pleasures. I know the risk, but I like the aggressive approach followed to grow. Even if I will reduce my exposure over time, for those looking for a wild ride, it’s definitely among the best options available. What is your personal opinion on the future of the platform? Will you decide to invest or avoid it? Why? It will be very interesting to learn your opinion on this topic.
What to learn more about Crowdestor?
Crowdestor Alternatives and Competitors
The blog contains affiliate links. Please learn more about it in the Disclaimer.