Sberbank Faces Unprecedented DDoS Attack

Sberbank has reported a dramatic increase in cyberattacks targeting Russian companies over the past three months, with a significant rise in both the scale and sophistication of these attacks. Sergey Lebed, Vice President and Head of the Cybersecurity Department at Sberbank, shared these insights during his speech at the Positive Hack Days 11 practical cybersecurity forum.

According to Lebed, on May 6, 2022, Sberbank successfully repelled the most powerful DDoS attack in its history. The attack targeted the bank’s website, with malicious traffic generated by a botnet consisting of more than 27,000 devices from Taiwan, the United States, Japan, and the United Kingdom. The attack reached a peak bandwidth of over 450 gigabits per second.

New Tactics and Tools Used by Cybercriminals

Lebed also noted that cybercriminals are now employing new tactics and tools in their attacks. These include injecting malicious code into advertising scripts, using harmful Google Chrome extensions, and deploying pre-configured Docker containers equipped with attack tools. Criminal groups are highly coordinated, and the total number of cybercriminals targeting Sberbank exceeds 100,000 individuals.

According to Sberbank’s representative, the bank is under constant cyberattack around the clock. Sberbank’s Cybersecurity Center operates 24/7, continuously analyzing cyber threats and responding to them in real time.