Mega DDoS attacks target Russian banking sector

Recently, Sberbank, a Russian banking giant and the nation's largest financial institution, suffered a distributed denial of service (DDoS) attack that set a new record for the entity: one million requests per second (RPS). The institute, mostly in state hands and holder of about a third of the country's financial assets, compared this assault with previous attacks, noting its quadruple power.

Large-scale DDoS attack detections

The attack was described as unprecedented for the bank, which has faced similar sabotage attempts in the past following Russia's invasion of Ukraine and resulting international sanctions. Attacks often attributed to hacktivists sympathetic to the West. However, Sberbank highlighted that this latest attack differs from past ones due to the advanced technical skills and novel tactical scheme used by the attackers.

Comparison with international DDoS attacks

While significant for the financial institution, the one million RPS spike that occurred does not compete with the most overwhelming attacks recorded globally. Some of these, such as those faced by Amazon, Cloudflare and Google, have exploited innovative techniques such as 'HTTP/2 Rapid Reset', generating impacts of a hundredfold size compared to what Sberbank suffered.

History of IT dilemmas in Russia

Already in May 2022, Sberbank declared that it had been the subject of unprecedented cyber attacks, including very powerful DDoS attacks against its online services. The bank withstood attacks of up to 450GB/sec, produced by a botnet of 27,000 compromised devices. A more recent event has hit the Russian financial ecosystem, with the National Payment Card System (NSPK), operator of Mir cards, suffering a service disruption and being defaced at the hands of hacktivists.