Russia’s largest ISP says 2022 broke all DDoS attack records

DDoS attack

Russia’s largest internet service provider Rostelecom says 2022 was a record year for Distributed denial of service attacks (DDoS) targeting organizations in the country.

DDoS attacks are cyberattacks aimed at making an internet-connected website or service unavailable by overwhelming it with many requests that deplete the server’s ability to accept new connections, causing the service to become unresponsive.

Hacktivists have used DDoS attacks on both sides of the Ukraine-Russian conflict to disrupt critical services, usually as retaliation for actions or announcements made concerning the ongoing war.

In a report published today, Rostelecom says its experts recorded 21.5 million critical web attacks aimed at roughly 600 Russian organizations from various industries, including telecom, retail, financial, and the public sector.

The most powerful DDoS attack recorded by Rostelecom was 760 GB/sec, almost twice as big as the most potent attack of the previous year, while the longest DDoS lasted nearly three months.

Overloading Russia

The most attacked region in 2022 was Moscow, where the largest number of Russia’s top companies are located. Rostelecom says it detected over 500,000 DDoS attempts targeting the city’s entities.

March marked the beginning of the attacks, while May 2022 was the culmination point of the DDoS activities. Rostelecom says the origin of these attacks based on the IP addresses was the United States, while the targets were in the banking sector.

The spike in the attacks coincides with when Sberbank, one of Russia’s largest banks, reported it suffered the most significant DDoS attack it had ever seen, measured at 450 GB/sec.

Also, in May 2022, Ukraine’s IT Army announced it had disrupted the distribution of alcoholic beverages in Russia after targeting an essential online portal.

Volume of DDoS attacks per month
Volume of DDoS attacks per month (Rostelecom)

The attack volume stayed relatively stable from July until December 2022 but was notably lower compared to Q2 2022. After that, however, the Russian ISP says the attacks became more sophisticated and targeted.

In December 2022, an attack on VTB Bank, Russia’s second-largest financial institution, forced the bank’s mobile apps and main website to go offline for several days.

Cyberattacks targeting the state

About 80% of all cyberattacks targeting Russian entities were DDoS, but Rostelecom also recorded the targeting of website vulnerabilities. 

These vulnerabilities included arbitrary command execution after successfully exploiting a vulnerability (10%), path traversal (4%), local file inclusion (3%), SQL injection (3%), and cross-site scripting (1%).

Types of cyberattacks targeting Russia in 2022
Types of cyberattacks targeting Russia in 2022 (Rostelecom)

The largest number of cyberattacks in 2022 targeted the public sector, accounting for 30% of all recorded incidents, 12 times more than in 2021.

A notable 25% targeted financial institutes and services. Rostelecom believes the motivation for these attacks was to create a disruption in the highly-critical economical sector, as well as to access databases containing financial information and personal data of customers.

In third place, accounting for 16% of all cyberattacks, there are education institutes, which Rostelecom says might have been attacked due to their links to Russian companies.

In March 2022, the Moscow-based meat producer Miratorg Agribusiness Holding announced it suffered a catastrophic cyberattack that also involved data encryption, causing a disruption in the distribution of food to the market.


Original Source


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon using the button below

Digital Patreon Wordmark FieryCoralv2

To keep up to date follow us on the below channels.

join
Click Above for Telegram
discord
Click Above for Discord
reddit
Click Above for Reddit
hd linkedin
Click Above For LinkedIn