While the Russian military has been bombing Ukraine, Russian businesses at home have been bombarded with distributed denial-of-service (DDoS) attacks, with such incidents against Russian entities reaching new highs in 2022.
Figures from Rostelecom, Russia’s largest internet service provider, claim that 21.5 million DDoS attacks were carried out against about 600 organizations in the country in 2022.
Most of the attacks took place in and around Moscow, where the majority of these companies are headquartered. None of the big sectors seems to have been spared, with telecoms, retail, finance and the public sector all hit hard by the attacks.
Attacks on the public sector
The public sector was the most targeted, accounting for nearly a third (30%) of all incidents (up 12-fold year-on-year). Financial institutions accounted for a quarter of attacks (25%), followed by education (16%).
Rostelecom said the largest attack was 760 GB/s, claiming it was almost twice as destructive as the biggest attack last year. The longest attack lasted nearly three months.
Most of the attacks began in March, coinciding with the invasion of Ukraine, which began on February 24. The attacks peaked in May, the company later said. Based on the IP addresses used, the company concluded that the majority of attacks originated in the United States.
While DDoS attacks made up the vast majority of all attacks (around 80%), there were other types of cyberattacks as well. Vulnerable sites were also on the radar of Western hackers, who abused the flaws to launch arbitrary command execution (10%), path traversal (4%), local file inclusion (3%), SQL injection (3%), and cross-site scripting (1%) attacks.
Since the start of the war between Russia and Ukraine, hackers and hacktivists from all sides have entered the fray and have been very active.
Among them was Conti, one of the largest ransomware operators, which angered its (mostly Ukrainian) affiliates after publicly siding with the Russian government. Conti later retracted its statement, but the damage had already been done, as a hacker decided to leak multiple versions of the source code as well as hundreds of thousands of lines of chat between its members.
Via: BleepingComputer