At least five of Russia's largest banks were hit with prolonged distributed denial of service (DDoS) attacks earlier this week.
Beginning on Tuesday afternoon, the attacks continued intermittently for two days, targeting the online services of Sberbank, Alfabank and several other financial institutions. According to reports, the attacks were powered by an IoT botnet involving approximately 24,000 vulnerable devices, such as CCTV cameras or digital video recorders, located across 30 countries. Moscow-based cybersecurity firm Kaspersky Lab said over half of the compromised devices were situated in the United States, India, Taiwan and Israel. Most attacks lasted around one hour, the firm added, with the longest attack lasting almost 12 hours and peaking at 660,000 requests per second. In a statement, a Sberbank representative said it registered the first attack early in the morning, with the next attack occurring in the evening involving several waves.
“Each of them was twice as powerful as the previous one,” said the Sberbank spokesperson.
Nonetheless, the bank said its cybersecurity team was able to neutralize the attacks without affecting the ongoing operation of its website. Sberbank told BBC News it has suffered 68 similar attacks this year but November’s attacks ranked among the biggest it had ever faced. Meanwhile, Alfabank also confirmed it witnessed attacks, although at a much smaller scale. “There was an attack, but it was relatively weak. It did not affect Alfabank’s business systems in any way,” it said. Last month, record-breaking DDoS attacks led to the disruption of several high-profile websites – including Reddit, Spotify and Twitter – which also involved a powerful IoT botnet.
