Rostelecom, Russia’s biggest internet provider, says that 2022 marked a new record for distributed denial-of-service (DDoS) attacks targeting organizations within the country.
DDoS attacks are cyberattacks that make a website or service inaccessible online. They overwhelm the server with requests, which reduces its ability to accept new connections and causes the site to stop responding.
Hacktivists used DDoS attacks to disable critical services on both sides of the Ukrainian-Russian conflict, often in retaliation against actions or announcements regarding the ongoing war.
Experts have recorded 21.5 million critical web attacks against approximately 600 Russian companies from different industries, including financial and telecom.
Rostelecom recorded a DDoS attack of 760 GB/sec, nearly twice as powerful as any attack in the past year. The longest DDoS attack lasted almost three months.
Russia Overloading
Moscow was the most targeted region in 2022, as it is where many of Russia’s leading companies reside. Rostelecom claims it has detected more than 500,000 DDoS attacks on the city’s organizations.
The attacks began in March and ended in May 2022. Rostelecom says it identified the source of the attacks based on IP addresses. The targets were in the banking industry.
This spike coincides with the time when Sberbank, Russia’s biggest bank, said that it experienced the largest DDoS attack, measuring 450GB/sec.
In May 2022, the Ukrainian IT Army declared that it had disrupted Russian alcohol beverage distribution after it targeted an important online portal.
Volume of DDoS attacks per month
(Rostelecom)
Although the attack volume was relatively steady from July to December 2022, it was significantly lower than in Q2 2022. However, after that time, according to the Russian ISP, attacks became more targeted and sophisticated.
An attack in December 2022 took the website and mobile apps of Russia’s second-largest bank offline.
Cyberattacks on the State
Around 80% of cyberattacks on Russian entities involved DDoS attacks; however, Rostelecom also tracked the targeted websites.
The vulnerabilities were: arbitrary command execution (10%) after exploiting the vulnerability (4%), path traversal (3%), local file inclusion (3%), SQL injection (3%) and cross-site scripting (1%).
Types of cyberattacks targeting Russia in 2022
(Rostelecom)
Cyberattacks on the public sector accounted for 30 percent of all incidents in 2022, which is 12 times as many as in 2021.
Notably, 25% of the attacks were on financial services and institutions. Rostelecom suspects that the motive for the attacks was to disrupt the economically critical sector and to gain access to databases containing personal financial information of customers.
Educational institutions are in third place, with 16% of cyberattacks. Rostelecom claims that they may have been targeted due to links to Russian businesses.
Miratorg Agribusiness Holding said that it had suffered a devastating cyberattack in March 2022. This attack also included data encryption and caused disruptions to food distribution.