Five major Russian Banks Attacked

Uploaded on 2016-11-21 in INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW, BUSINESS-Services-Financial, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

At least five major banks in Russia have been hit with a series of cyberattacks made possible by a malicious botnet consisting of roughly 24,000 computer systems and Internet of Things (IoT) devices from 30 different countries, a security firm has said.

Sberbank, Russia's largest state-controlled bank, alongside with four other financial intuitions, reportedly suffering a barrage of distributed-denial-of-service (DDoS) traffic starting on 8 November. The firms maintain that no customer funds were compromised in the attacks.

According to the Tass state news agency, Alfa Bank, Moscow Bank, Rosbank and the Moscow Exchange were also targeted. DDoS attacks typically send waves of traffic at a websites' server in order to take it offline and have evolved into an effective Dark Web-based 'for hire' service.

The Russian Central Bank said: "Bot networks from the so-called Internet-of-Things (IoT) devices were involved in the attacks. These were average-power attacks. Availability of banks' services was not compromised. The information was sent to the law enforcement authorities."

In a statement to Agence France-Presse (AFP), Kaspersky Lab, the Russian security firm probing the incident, said the DDoS attacks saw roughly 660,000 requests being sent per second using a hijacked network of at least 24,000 devices across the United States, India, Taiwan and Israel.

"These are complex attacks that are virtually impossible to stop with standard tools available to communications providers," Kaspersky Lab told Tass. Furthermore, a representative reportedly also told The Moscow Times the attacks "might be a distraction for a much larger cyber-attack."

In a statement, Sberbank said the attacks were aided by a botnet "consisting of tens of thousands computers." It added: "We registered the first attack early in the morning [...] the next attack in the evening involved several waves, each of them was twice as powerful as the previous one."

Sberbank said it was able to curb the cyberattack without its main website operations being impacted. According to the BBC, the bank had encountered "68 similar attacks in 2016" but this latest surge in malicious traffic was among the biggest it had ever faced.

A botnet relying on IoT-based devices is likely to target unpatched and insecure products including remote webcams, CCTV recorders and home automation items. Once compromised, the devices give hackers the ability to conduct powerful cyberattacks with ease.

The most recent example occurred on 21 October after a botnet – called Mirai – was deployed against the servers of Dyn, a major DNS provider. As a result of this attack, many big-brand websites including Twitter, Reddit and Netflix were taken offline or disrupted in the US for several hours.

On 8 November, a hacker using the name 'vimproducts' contacted Vice Motherboard and claimed to be launching attacks on a series of banks in Russia in response to the alleged tampering in the recent presidential elections in the US, an allegation denied by Moscow.

For months, tension between the White House and the Kremlin has steadily mounted – amid threads of retaliation from US intelligence – following the cyberattack at the Democratic National Committee (DNC) which was blamed on two notorious hacking groups aligned with Russia.

Yahoo

 

« Both Police & Business Must Deal With Cyber Extortion
Why Science Couldn’t Predict a Trump Presidency »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

RISA

RISA

RISA solutions help to secure networks, improve overall network security, and achieve government regulatory compliance.

GovCERT.HK

GovCERT.HK

GovCERT.HK is the Government Computer Emergency Response Team for Hong Kong.

Magic Software Enterprises

Magic Software Enterprises

Magic provide Mobile Device Management (MDM) for Secure Enterprise Mobility. Magic MDM overcomes the challenges of mobile device management security by protecting all of your devices, data and content

CSIS Security Group

CSIS Security Group

CSIS provide actionable threat intelligence, prevention, incident response and 24/7 managed security services.

MIT Internet Policy Research Initiative (IPRI)

MIT Internet Policy Research Initiative (IPRI)

IPRI's mission is to work with policy makers and technologists to increase the trustworthiness and effectiveness of interconnected digital systems

Nation-E

Nation-E

Nation-E offers innovative cyber security solutions for industrial installations, critical infrastructure and smart grids.

SecuDrive

SecuDrive

SecuDrive, provides hardware encrypted external storage devices to protect a company’s sensitive and important data.

Guardsquare

Guardsquare

GuardSquare is the global reference in mobile application protection. We develop premium software for the protection of mobile applications against reverse engineering and hacking.

Connectria

Connectria

Connectria provides cloud hosting, remote monitoring, and compliant cloud security solutions and services to enterprises, medium and small businesses.

White Hawk Software

White Hawk Software

White Hawk provides code tamper-proofing solutions to protect mission critical software applications from malicious and Zero day attacks and reverse engineering at run time.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

Red Sky Alliance

Red Sky Alliance

Red Sky Alliance (Wapack Labs Corp) is a cyber threat intelligence firm that delivers proprietary intelligence data, analysis and in-depth strategic reporting.

Sectyne

Sectyne

Sectyne is a full-stack cyber consultancy committed to providing tailored services, advisory consultations, and training.

Wadilona Cyber Securities

Wadilona Cyber Securities

Wadilona Cyber Securities' sole aim is to bring and secure Information and Communications Technology (ICT) to and work for humans in its simplest terms.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

Autobahn Security

Autobahn Security

Autobahn Security is a growing team of 80+ experts from 25+ nationalities, established in 5 countries. We’re working hard to make Autobahn Security the No. 1 solution for improved hacking-resilience.