Hackers from Ukraine’s Main Intelligence Directorate claim to have effected one of the largest Distributed Denial-of-Service (DDoS) attacks in history, derailing Russia’s financial services.
According to the Kyiv Post, the attack compromised the online services of all major Russian banks, including the Central Bank, as well as telecommunications service providers, national payment systems, social networks and messengers, government resources, and dozens of other services.
The affected Russian financial institutions are reported to include VTB Bank, Alfa Bank, SberBank, Raiffeisen Bank, RSHB Bank, Ak Bars Bank, Rosbank, Gazprombank, Tinkoff Bank, iBank, Dom.RF Bank, and the Bank of Russia. On the last day of the attack, the resources of the Russian Ministry of Defense, the Ministry of Internal Affairs, and the Federal Tax Service were also reported to have been affected.
Millions of users in virtually every region of Russia felt the effects of the cyber operation, many of them unable to use internet services. According to the latest reports, disruptions of the websites of the Ministry of Defense, the Ministry of Internal Affairs, and the Federal Tax Service are still being observed.
Russian cyber blitz is a warning to the West
The blitz on Russia’s financial services sectors may, however, be seen as a warning for the West. While the current wave of crippling DDoS attacks is centered on Russia, similar techniques may soon be employed by threat actors targeting economies in countries such as the US and the UK. Even before reports of the devastating attack on Russia began to surface, Cyber Intelligence predicted that the hacking expertise now being developed as a result of the Ukraine/Russia conflict would soon be used by other threat actors to target Western economies.
Pankit Desai, CEO of cybersecurity firm Sequretek, told Cyber Intelligence last week: “The ongoing conflict in Ukraine has seen concerted cyber-attacks on critical infrastructure. When the conflict ends, the cyber-gangs responsible will find new targets in countries such as the US and the UK. It is now no longer a question of if but when a concerted cyber-attack will take out critical infrastructure in a major Western economy.”
A report from Akamai early last year also highlighted the return of DDoS attacks in geopolitical conflicts. According to Akamai, DDoS attacks have been around for decades, but the recent increase in both volume and intensity is of rising concern to the financial sector.
“Largely dormant for years, 2022 saw the return of DDoS attacks based on political motivations. Targets have consisted of government websites, private networks, education facilities, and critical infrastructure – including financial institutions – of entities that directly or indirectly have taken sides in the Russia-Ukraine war or other geopolitical tensions between China and Taiwan, as well as between the US, Israel, and Iran,” said Akamai.