Five major Russian Banks Attacked

Uploaded on 2016-11-21 in INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW, BUSINESS-Services-Financial, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

At least five major banks in Russia have been hit with a series of cyberattacks made possible by a malicious botnet consisting of roughly 24,000 computer systems and Internet of Things (IoT) devices from 30 different countries, a security firm has said.

Sberbank, Russia's largest state-controlled bank, alongside with four other financial intuitions, reportedly suffering a barrage of distributed-denial-of-service (DDoS) traffic starting on 8 November. The firms maintain that no customer funds were compromised in the attacks.

According to the Tass state news agency, Alfa Bank, Moscow Bank, Rosbank and the Moscow Exchange were also targeted. DDoS attacks typically send waves of traffic at a websites' server in order to take it offline and have evolved into an effective Dark Web-based 'for hire' service.

The Russian Central Bank said: "Bot networks from the so-called Internet-of-Things (IoT) devices were involved in the attacks. These were average-power attacks. Availability of banks' services was not compromised. The information was sent to the law enforcement authorities."

In a statement to Agence France-Presse (AFP), Kaspersky Lab, the Russian security firm probing the incident, said the DDoS attacks saw roughly 660,000 requests being sent per second using a hijacked network of at least 24,000 devices across the United States, India, Taiwan and Israel.

"These are complex attacks that are virtually impossible to stop with standard tools available to communications providers," Kaspersky Lab told Tass. Furthermore, a representative reportedly also told The Moscow Times the attacks "might be a distraction for a much larger cyber-attack."

In a statement, Sberbank said the attacks were aided by a botnet "consisting of tens of thousands computers." It added: "We registered the first attack early in the morning [...] the next attack in the evening involved several waves, each of them was twice as powerful as the previous one."

Sberbank said it was able to curb the cyberattack without its main website operations being impacted. According to the BBC, the bank had encountered "68 similar attacks in 2016" but this latest surge in malicious traffic was among the biggest it had ever faced.

A botnet relying on IoT-based devices is likely to target unpatched and insecure products including remote webcams, CCTV recorders and home automation items. Once compromised, the devices give hackers the ability to conduct powerful cyberattacks with ease.

The most recent example occurred on 21 October after a botnet – called Mirai – was deployed against the servers of Dyn, a major DNS provider. As a result of this attack, many big-brand websites including Twitter, Reddit and Netflix were taken offline or disrupted in the US for several hours.

On 8 November, a hacker using the name 'vimproducts' contacted Vice Motherboard and claimed to be launching attacks on a series of banks in Russia in response to the alleged tampering in the recent presidential elections in the US, an allegation denied by Moscow.

For months, tension between the White House and the Kremlin has steadily mounted – amid threads of retaliation from US intelligence – following the cyberattack at the Democratic National Committee (DNC) which was blamed on two notorious hacking groups aligned with Russia.

Yahoo

 

« Both Police & Business Must Deal With Cyber Extortion
Why Science Couldn’t Predict a Trump Presidency »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Israel Aerospace Industries (IAI)

Israel Aerospace Industries (IAI)

IAI offers a holistic approach that provides defense forces, governments, critical infrastructures and large enterprises with end-to-end cyber security & monitoring tools.

WISeKey

WISeKey

WISeKey is a leading cybersecurity company currently deploying large scale digital identity ecosystems for people and objects using Blockchain, AI and IoT.

Axonius

Axonius

Axonius is the only solution that offers a unified view of all assets and their coverage, empowering customers to take action to enforce their organization’s security policies.

Securis

Securis

Securis provides organizations and agencies with the highest level of professional, ultra-secure data destruction and IT recycling.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

CYRail

CYRail

CYRail project will analyse threats targeting Railway infrastructures and develop innovative attack detection and alerting techniques.

X-Ways Software Technology

X-Ways Software Technology

X-Ways provide software for computer forensics, electronic discovery, data recovery, low-level data processing, and IT security.

ClosingLock

ClosingLock

ClosingLock is the leading provider of wire fraud prevention software for the real estate industry.

Quartz Network

Quartz Network

Quartz Network is a curated community for change-makers, up-and-comers, and professionals who are ready to grow, adapt, and thrive.

Anametric

Anametric

Anametric is developing new technologies and devices for chip scale quantum photonics, with a focus on cybersecurity.

NetApp

NetApp

The NetApp portfolio includes intelligent cloud services, data services, and storage infrastructure that helps organizations manage applications and data everywhere across hybrid cloud environments.

Sonet.io

Sonet.io

Sonet.io is built for IT leaders that want a great experience for their remote workers, while enhancing security and observability.

GISEC Global

GISEC Global

GISEC Global provides vendors and companies from around the world with access to lucrative opportunity to capitalize on what's set to become one of the world's booming markets.

CYBHORUS

CYBHORUS

CYBHORUS are a team of Italian cyber security experts, specialized in cyber threat defense and strategic and organizational consulting.

Professional Labs

Professional Labs

Professional Labs specialize in simplifying complex problems for our customers with Cloud Services, Managed Services and Cyber Security.

M6iT Consulting

M6iT Consulting

M6iT Consulting is an industry-leading solution partner managing the IT requirements for a full range of companies.