Five major Russian Banks Attacked

At least five major banks in Russia have been hit with a series of cyberattacks made possible by a malicious botnet consisting of roughly 24,000 computer systems and Internet of Things (IoT) devices from 30 different countries, a security firm has said.

Sberbank, Russia's largest state-controlled bank, alongside with four other financial intuitions, reportedly suffering a barrage of distributed-denial-of-service (DDoS) traffic starting on 8 November. The firms maintain that no customer funds were compromised in the attacks.

According to the Tass state news agency, Alfa Bank, Moscow Bank, Rosbank and the Moscow Exchange were also targeted. DDoS attacks typically send waves of traffic at a websites' server in order to take it offline and have evolved into an effective Dark Web-based 'for hire' service.

The Russian Central Bank said: "Bot networks from the so-called Internet-of-Things (IoT) devices were involved in the attacks. These were average-power attacks. Availability of banks' services was not compromised. The information was sent to the law enforcement authorities."

In a statement to Agence France-Presse (AFP), Kaspersky Lab, the Russian security firm probing the incident, said the DDoS attacks saw roughly 660,000 requests being sent per second using a hijacked network of at least 24,000 devices across the United States, India, Taiwan and Israel.

"These are complex attacks that are virtually impossible to stop with standard tools available to communications providers," Kaspersky Lab told Tass. Furthermore, a representative reportedly also told The Moscow Times the attacks "might be a distraction for a much larger cyber-attack."

In a statement, Sberbank said the attacks were aided by a botnet "consisting of tens of thousands computers." It added: "We registered the first attack early in the morning [...] the next attack in the evening involved several waves, each of them was twice as powerful as the previous one."

Sberbank said it was able to curb the cyberattack without its main website operations being impacted. According to the BBC, the bank had encountered "68 similar attacks in 2016" but this latest surge in malicious traffic was among the biggest it had ever faced.

A botnet relying on IoT-based devices is likely to target unpatched and insecure products including remote webcams, CCTV recorders and home automation items. Once compromised, the devices give hackers the ability to conduct powerful cyberattacks with ease.

The most recent example occurred on 21 October after a botnet – called Mirai – was deployed against the servers of Dyn, a major DNS provider. As a result of this attack, many big-brand websites including Twitter, Reddit and Netflix were taken offline or disrupted in the US for several hours.

On 8 November, a hacker using the name 'vimproducts' contacted Vice Motherboard and claimed to be launching attacks on a series of banks in Russia in response to the alleged tampering in the recent presidential elections in the US, an allegation denied by Moscow.

For months, tension between the White House and the Kremlin has steadily mounted – amid threads of retaliation from US intelligence – following the cyberattack at the Democratic National Committee (DNC) which was blamed on two notorious hacking groups aligned with Russia.

Yahoo

 

« Both Police & Business Must Deal With Cyber Extortion
Why Science Couldn’t Predict a Trump Presidency »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

Gamma

Gamma

Gamma is a leading provider of Unified Communications as a Service (UCaaS) into the UK, Dutch, Spanish and German business markets.

Talend

Talend

Talend is a leader in cloud and big data integration software. Applications include Risk and Compliance management.

Security Industry Association (SIA)

Security Industry Association (SIA)

The SIA's mission is to be a catalyst for success​ within the global security industry through information, insight and influence.

SecurePay

SecurePay

SecurePay is Australia's premier payment gateway, with a range of secure online payment solutions for online retailers, SMEs and enterprise businesses.

Cryptsoft

Cryptsoft

Cryptsoft provides key management and security software development toolkits based around open standards such as OASIS KMIP and PKCS#11.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

ECOLUX

ECOLUX

ECOLUX is a professional IoT security service company committed to developing world-leading “IoT Lifecycle Security” technologies and products.

Abion

Abion

At Abion (formerly BRANDIT), we empower your business by providing comprehensive brand protection and web security services.

Gytpol

Gytpol

Gytpol is a leader in Endpoint Configuration Security (ECS) solutions, providing validation, remediation & securing of IT Policies and IT Infrastructure on-premise and in the cloud.

NETRIO

NETRIO

If you are looking for a highly mature, exceptionally competent Managed Service Provider, NETRIO has solutions to keep your business running at warp speed with zero disruptions.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

AI Spera

AI Spera

AI-Driven Cyber Threat Intelligence Security. AI Spera provides real-time intelligence to empower your security competences in all aspects of the business.

QEDIT

QEDIT

QEDIT is leading the standardization of Zero-Knowledge Proofs through the ZKProof.org Workshops, and builds production-grade ZKP systems for blockchain.

Zally

Zally

Using advanced behavioural biometrics and AI, Zally is the world's answer to next-generation security.