DDoS Attacks in 2022 Exceeded All Records, Says Russia’s Largest ISP
The Most Powerful DDoS Attack Was 760 GB/sec.
The largest Russian ISP, Rostelecom, reports that DDoS attacks against Russian businesses hit an all-time high in 2022.
In distributed denial of service attacks (DDoS), threat actors try to make a website or service that uses the internet inaccessible by flooding it with so many requests that the server can’t accept any more connections. This makes the service stop working.
On both sides of the Ukraine-Russia conflict, hackers have used DDoS attacks to shut down important services, usually in response to actions or statements made about the war.
In a recently released report, Rostelecom says that its experts have found 21.5 million critical web attacks on about 600 Russian organizations in different sectors, such as telecom, retail, finance, and the public sector.
Rostelecom found that the most powerful DDoS attack was 760 GB/sec, almost twice as big as the most powerful attack from the previous year. The longest DDoS attack lasted nearly three months.
Moscow, the Most Attacked Region
Moscow, where most of Russia’s best companies are based, was the most attacked area in 2022. Rostelecom says it found more than 500,000 DDoS attacks on entities in the city.
The DDoS attacks started in March and continued until May 2022, when they reached their peak. Rostelecom says that the IP addresses show that these attacks came from the United States and targeted financial institutions.
One of Russia’s largest banks, Sberbank, stated it was hit by the largest DDoS attack it has ever seen, with a throughput of 450 GB/sec, which corresponds to the time when the attacks spiked, explains Bleeping Computer.
In May 2022, Ukraine’s IT Army said that it had stopped the delivery of alcoholic drinks in Russia by hacking an important online portal.
From July until December 2022, the volume of attacks was reasonably consistent, but it was noticeably lower than in Q2 2022. However, after that time, the Russian ISP claims the attacks got more sophisticated and targeted.
Attacks against VTB Bank, Russia’s second-largest financial institution, took down its mobile apps and main website for days in December 2022.
80% of Cyberattacks Were DDoS
DDoS attacks accounted for over 80% of all cyberattacks against Russian entities, however Rostelecom also noted the targeting of website vulnerabilities.
The public sector was the target of the most cyberattacks in 2022, accounting for 30% of all registered incidents, 12 times higher than in 2021.
25% of the attacks targeted banking institutions and services – the goal for these attacks, according to Rostelecom, was to cause disruption in the extremely crucial economic sector, as well as to get access to databases storing financial information and personal data of consumers.
Education institutes come in third, accounting for 16% of all cyberattacks, according to Rostelecom, and may have been targeted because of their ties to Russian companies.
The full report (in Russian) published by Rostelecom is available here.