Russian Internet Giant Yandex Targeted by Massive DDoS Attack
The Attack, Confirmed by U.S. Company Cloudflare, Is the Largest in RuNet’s Short History.
The largest DDoS attack in the history of the Russian Internet was carried out on Yandex’ servers last weekend. The record scale of the cyberattack was confirmed by American company Cloudflare.
Without providing additional details, a Yandex spokesman confirmed the attack for Russian publication Vedomosti:
Yandex did indeed undergo a DDoS attack, which was reflected by our network infrastructure and the system for filtering unwanted requests. The attack did not affect the operation of the services, user data was not affected.
The Russian segment of the Internet, the RuNet, was created to function independently of the worldwide web. The RuNet Law aims to allow the Russian authorities to control data traffic and restrict access to the global Internet from Russia in case of foreign threats.
Vedomosti says that its sources declined to provide more information on the attack because of an ongoing internal audit, but noted that the incident represents “a threat to infrastructure on a national scale.”
According to Alexander Lyamin, CEO of Qrator Labs, an increase in the number of DDoS attacks on companies from various sectors of the economy was observed in August and September 2021 – from small businesses to the largest corporations. Lyamin notes:
The victims of these attacks are different, but the perpetrator, apparently, is the same, and he operates a botnet that has recently appeared in the industry. Some industry players have already announced that the Mirai botnet, which made a splash five years ago and was built on the basis of video cameras, has returned. Having devoted the last few weeks to studying the new botnet, we can say that a completely new botnet has appeared and it is built on the network equipment of a very popular vendor from the Baltic States. It spreads through a vulnerability in firmware and already numbers up to hundreds of thousands of infected devices.
The activity of this new botnet is observed not only in Russia but also in Europe, the USA, India, the Middle East, the APAC region, Latin America. Lyamin notes: “the whole world and the damage from them have already reached the level of billions of rubles.”
As my colleague Elena explained, DDoS stands for Distributed Denial of Service and refers to an online attack in which legitimate users are prevented from accessing their target online location. This is usually done by flooding that particular site with a multitude of illegitimate information requests.
In terms of the number of requests per second, the botnet discovered by Qrator Labs sets absolute records, developing amazing speeds – tens of millions of requests per second, which exceeds the speed of ordinary attacks of past years by two orders of magnitude.
According to the Distribution of DDoS attacks in Russia in 2020 report, the main targets of DDoS attacks in Russia are entertainment companies (40.76% of incidents), telecommunications companies (29.27%), online retail (11.94%), construction (6%), financial institutions (4.56%), education (3.61%), and service organizations (2, 68%).