Article Details
Scrape Timestamp (UTC): 2023-11-08 18:15:18.414
Original Article Text
Click to Toggle View
Russian state-owned Sberbank hit by 1 million RPS DDoS attack. Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service (DDoS) attack in recent history. Sberbank is a majority state-owned banking and financial services company and the largest institute in Russia, holding about a third of all assets in the country. Following Russia’s invasion of Ukraine, the bank faced international blockades and sanctions and was the target of west-aligned hacktivists multiple times. Russian outlet Interfax reports that the attack reached one million requests per second (RPS), which the organization said was roughly four times the size of the most powerful DDoS Sberbank had experienced up until then. “We noticed that these are some new hackers. Their fingerprint is not known to us. That is, some new, very qualified criminals appeared on the market who began to systematically attack the largest Russian resources,” stated the head of Sberbank (machine translated). While one million RPS is clearly significant, it does not compare to record-breaking DDoS attacks that use the new ‘HTTP/2 Rapid Reset’ technique to generate an impact a hundred times bigger than what Sbersbank experienced. In late August, Amazon detected a DDoS attack that peaked at 155 million RPS. Cloudflare mitigated a 201 million RPS one, while Google dealt with a DDoS attack that peaked at 398 million requests per second. Previous attacks In May 2022, Sberbank announced it was targeted by unprecedented hacker attacks, including massive DDoS waves aimed at its online customer services. The bank said it managed to repel a DDoS attack that measured at 450GB/sec, which was generated by a botnet of 27,000 compromised devices. A more recent blow sufferend by Russia’s financial system concerns the National Payment Card System (NSPK), the Mir card operator, whose website became unavailable on October 30, 2023, and was later defaced to post messages about a client-impacting data breach. NSPK told the press that the attackers couldn’t have stolen any sensitive customer data as the website does not store such information and assured them that the cyberattack hadn’t impacted the payments system. TheRecord later reported that hacktivists from the ‘DumpForums’ group and the Ukrainian Cyber Alliance had taken responsibility for the attack, also claiming to have stolen 31 GB of data.
Daily Brief Summary
Two weeks ago, Russian state-owned Sberbank reported facing the largest Distributed Denial of Service (DDoS) attack in its history at a scale of one million requests per second (RPS).
Sberbank, holding nearly one-third of all Russian assets, stated that the DDoS attack was approximately four times the size of any they had previously experienced.
The bank asserts the attack was conducted by "new, very qualified criminals" whose methods and techniques were unfamiliar to them, indicating this may not have been the work of typical hacktivist groups.
While significant, this attack does not match some of the most massive DDoS attacks seen recently, where new techniques are being used to generate a hundred times more impact, peaking at rates such as 398 million RPS for Google and 155 million RPS for Amazon.
Sberbank previously reported facing large-scale DDoS attacks focussed on its online customer services in May 2022, successfully fending off a 450GB/sec attack generated by a botnet of 27,000 compromised devices.
Another recent cyber incident saw Russia’s National Payment Card System's website compromised, but the organization asserted that no sensitive customer data was available on the website and the attack did not affect the payments system.