Five major Russian Banks Attacked

At least five major banks in Russia have been hit with a series of cyberattacks made possible by a malicious botnet consisting of roughly 24,000 computer systems and Internet of Things (IoT) devices from 30 different countries, a security firm has said.

Sberbank, Russia's largest state-controlled bank, alongside four other financial institutions, reportedly suffered a barrage of distributed-denial-of-service (DDoS) traffic starting on 8 November. The firms maintain that no customer funds were compromised in the attacks.

According to the Tass state news agency, Alfa Bank, Moscow Bank, Rosbank and the Moscow Exchange were also targeted. DDoS attacks typically send waves of traffic at a website's server in order to take it offline and have evolved into an effective Dark Web-based 'for hire' service.

The Russian Central Bank said: "Bot networks from the so-called Internet-of-Things (IoT) devices were involved in the attacks. These were average-power attacks. Availability of banks' services was not compromised. The information was sent to the law enforcement authorities."

In a statement to Agence France-Presse (AFP), Kaspersky Lab, the Russian security firm probing the incident, said the DDoS attacks saw roughly 660,000 requests being sent per second using a hijacked network of at least 24,000 devices across the United States, India, Taiwan and Israel.

"These are complex attacks that are virtually impossible to stop with standard tools available to communications providers," Kaspersky Lab told Tass. Furthermore, a representative reportedly also told The Moscow Times the attacks "might be a distraction for a much larger cyber-attack."

In a statement, Sberbank said the attacks were aided by a botnet "consisting of tens of thousands computers." It added: "We registered the first attack early in the morning [...] the next attack in the evening involved several waves, each of them was twice as powerful as the previous one."

Sberbank said it was able to curb the cyberattack without its main website operations being impacted. According to the BBC, the bank had encountered "68 similar attacks in 2016" but this latest surge in malicious traffic was among the biggest it had ever faced.

A botnet relying on IoT-based devices is likely to target unpatched and insecure products including remote webcams, CCTV recorders and home automation items. Once compromised, the devices give hackers the ability to conduct powerful cyberattacks with ease.

The most recent example occurred on 21 October after a botnet – called Mirai – was deployed against the servers of Dyn, a major DNS provider. As a result of this attack, many big-brand websites including Twitter, Reddit and Netflix were taken offline or disrupted in the US for several hours.

On 8 November, a hacker using the name 'vimproducts' contacted Vice Motherboard and claimed to be launching attacks on a series of banks in Russia in response to the alleged tampering in the recent presidential elections in the US, an allegation denied by Moscow.

For months, tension between the White House and the Kremlin has steadily mounted – amid threats of retaliation from US intelligence – following the cyberattack at the Democratic National Committee (DNC) which was blamed on two notorious hacking groups aligned with Russia.

Yahoo

 
