2016112306

The Russian Central Bank warns about a possibility of strengthening of various attacks on Russian banks in anticipation of the New Year holidays, the regulator’s press service told TASS.

“The Central Bank notes that attackers’ activity aimed at stealing customers’ money from financial institutions and from financial institutions themselves tends to increase in anticipation of the holidays. Therefore, various types of attacks are likely to strengthen (including newsletters, negative or provocative publications in social networks, DDoS-attacks, malware distribution, etc.) in December 2016,” the press service said.

On November 10, the Central Bank reported DDoS-attacks on a number of major banks and passed the information to the law enforcement authorities.

In early November, Sberbank fought off a series of powerful DDoS-attacks organized from dozens of countries. According to Vedomosti, Alfa Bank, Moscow Bank (part of VTB), Rosbank, and the Moscow Exchange also faced similar attacks.

According to Kaspersky Lab, hackers attacked websites of at least five prominent financial institutions of the top-10. This series of attacks was the first large-scale DDoS-wave this year, aimed at Russian banks.

Attackers used multi-vector SYN flood attacks (sends SYN requests to a target’s system to consume enough server resources to make it unresponsive) and HTTP flood attacks (exploits HTTP GET or POST requests that mask as legitimate). “These are complex attacks that are virtually impossible to stop with standard tools available to communications providers,” Kaspersky Lab said.

Average attack lasted for about an hour, the longest – almost 12 hours. Some banks have been attacked several times – Kaspersky Lab registered a series of 2 to 4 attacks with a short interval, with 660,000 requests per second on average, which is not the limit.

According to the company, the latest large-scale series of attacks happened in October 2015, when 8 well-known Russian banks were attacked.