Five major Russian Banks Attacked

At least five major banks in Russia have been hit with a series of cyberattacks made possible by a malicious botnet consisting of roughly 24,000 computer systems and Internet of Things (IoT) devices from 30 different countries, a security firm has said.

Sberbank, Russia's largest state-controlled bank, alongside with four other financial intuitions, reportedly suffering a barrage of distributed-denial-of-service (DDoS) traffic starting on 8 November. The firms maintain that no customer funds were compromised in the attacks.

According to the Tass state news agency, Alfa Bank, Moscow Bank, Rosbank and the Moscow Exchange were also targeted. DDoS attacks typically send waves of traffic at a websites' server in order to take it offline and have evolved into an effective Dark Web-based 'for hire' service.

The Russian Central Bank said: "Bot networks from the so-called Internet-of-Things (IoT) devices were involved in the attacks. These were average-power attacks. Availability of banks' services was not compromised. The information was sent to the law enforcement authorities."

In a statement to Agence France-Presse (AFP), Kaspersky Lab, the Russian security firm probing the incident, said the DDoS attacks saw roughly 660,000 requests being sent per second using a hijacked network of at least 24,000 devices across the United States, India, Taiwan and Israel.

"These are complex attacks that are virtually impossible to stop with standard tools available to communications providers," Kaspersky Lab told Tass. Furthermore, a representative reportedly also told The Moscow Times the attacks "might be a distraction for a much larger cyber-attack."

In a statement, Sberbank said the attacks were aided by a botnet "consisting of tens of thousands computers." It added: "We registered the first attack early in the morning [...] the next attack in the evening involved several waves, each of them was twice as powerful as the previous one."

Sberbank said it was able to curb the cyberattack without its main website operations being impacted. According to the BBC, the bank had encountered "68 similar attacks in 2016" but this latest surge in malicious traffic was among the biggest it had ever faced.

A botnet relying on IoT-based devices is likely to target unpatched and insecure products including remote webcams, CCTV recorders and home automation items. Once compromised, the devices give hackers the ability to conduct powerful cyberattacks with ease.

The most recent example occurred on 21 October after a botnet – called Mirai – was deployed against the servers of Dyn, a major DNS provider. As a result of this attack, many big-brand websites including Twitter, Reddit and Netflix were taken offline or disrupted in the US for several hours.

On 8 November, a hacker using the name 'vimproducts' contacted Vice Motherboard and claimed to be launching attacks on a series of banks in Russia in response to the alleged tampering in the recent presidential elections in the US, an allegation denied by Moscow.

For months, tension between the White House and the Kremlin has steadily mounted – amid threads of retaliation from US intelligence – following the cyberattack at the Democratic National Committee (DNC) which was blamed on two notorious hacking groups aligned with Russia.

Yahoo

 

« Both Police & Business Must Deal With Cyber Extortion
Why Science Couldn’t Predict a Trump Presidency »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: Learn how SOAR helps you streamline security

ON-DEMAND WEBINAR: Learn how SOAR helps you streamline security

Watch this webinar to explore the Security orchestration, automation, and response (SOAR) paradigm, its relationship with organization IT practices, and its role in your security strategy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

4ARMED

4ARMED

4ARMED specializes in penetration testing, information security consultancy and security training

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

bdCERT

bdCERT

bdCERT is the national Computer Emergency Response Team for Bangladesh.

qSkills

qSkills

QSkills is an independent training provider specialized high-quality IT and IT management training courses including IT security.

Netteam

Netteam

Netteam designs, implements and services networking solutions for companies of all sizes.

Crosscheck Networks

Crosscheck Networks

Crosscheck products allow you to test your APIs across different protocols and message formats with functional automation, performance, and security testing capabilities.

Wise-Mon

Wise-Mon

Wise-Mon is expert in its field of network monitoring and control. We give solutions to huge organizations with tens of thousands of ports, as well as small companies with one switch.

Group Salus

Group Salus

Salus provides SMBs with cyber security-related communications consulting, crisis management, and brand reputation services.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

FiberWolf

FiberWolf

FiberWolf is a Managed Security Service Provider (MSSP) serving customers from diverse industries including Government, Education, Banking and Technology.

Tier One Technology Partners

Tier One Technology Partners

Tier One Technology Partners is an IT managed services provider that focuses on cybersecurity, cloud services, IT consulting, and infrastructure.

Pyxsoft PowerWAF

Pyxsoft PowerWAF

Pyxsoft PowerWAF responds to the problem of business cybersecurity. We protect our clients' websites and data against attacks and exploitation of all kinds of vulnerabilities.

Axitea

Axitea

Axitea designs, implements and develops the solutions best suited to its customers’ needs and their physical and cyber security requirements.

Concourse Labs

Concourse Labs

Concourse Labs Security Guardrails continuously verify cloud infrastructure and workloads. Continuously assess clouds for security, resiliency, and regulatory compliance.

Dope Security

Dope Security

Dope Security is a fly-direct Secure Web Gateway that eliminates the data center stopover architecture required by legacy providers, instead performing security directly on the endpoint.

Virtual Technologies Group (VTG)

Virtual Technologies Group (VTG)

Virtual Technologies Group is a single source, IT product and services provider for SMBs and IT departments, delivering reliable, cost-efficient service, maintenance and support solutions.