Cyberattacks on Russian Infrastructure Continue to Surge

The open ecosystem of cybersecurity solutions and expertise, RED Security, has analyzed the cyberattacks faced by Russian companies in 2024. According to data from the RED Security SOC monitoring and incident response center, the total number of information security incidents in companies increased 2.5 times compared to 2023, reaching nearly 130,000 incidents. The total number of highly critical incidents (those that led or could have led to financial losses or business interruptions) reached around 26,000 over the year.

The company “Informzashita” confirms this trend, reporting that the total number of information security incidents in Russian companies last year reached about 140,000—2.7 times more than the previous year. They also noted a 30% increase in incidents in the second half of the year compared to the first half.

Critical Infrastructure Remains the Main Target

RED Security also notes that in 2024, organizations in critical information infrastructure sectors (CII; such as banks, industry, telecommunications, etc.) were most frequently targeted by hackers—accounting for about 64% of all incidents for the year. The industrial sector was the most attacked. Last year, only 47% of attacks targeted CII. When considering only highly critical attacks, the share of CII sectors grew to 68% compared to 2023, according to RED Security.

Il’naz Gataullin, Technical Lead at RED Security SOC, commented: “The research data allows us to predict that in the coming year, the volume of malicious cyber activity against Russian organizations, especially CII targets, will not decline. Therefore, we recommend organizations implement continuous, round-the-clock monitoring and response processes for cyber incidents, vulnerability management, and penetration testing.”

Hacktivists and Financially Motivated Cybercriminals

Politically motivated hackers (hacktivists) pose the primary threat to businesses overall, carrying out attacks not for financial gain but to damage specific companies. However, Aidar Guzairov, CEO of Innostage, notes that, in addition to the ongoing risk from politically motivated hackers, financially motivated cybercrimes remain highly relevant: “Their number has increased.” He adds that attackers are improving their skills, modernizing attack methods, and adopting new tools.

Notable Incidents and Future Outlook

Significant cyber incidents involving Russian companies have already occurred at the start of 2025. For example, the IT resources of the electronic trading platform “Roseltorg” were hit by a hacker attack, and on January 9, the company reported restricted access to its services.

According to Fedor Chunizhekov, head of the research group at Positive Technologies, a “moderate” increase in successful cyberattacks is expected in 2025, in the range of 5–10%. There may also be a shift toward digital espionage aimed at pressuring Russian businesses and government agencies. The threat of attacks on software supply chains (software vendors for companies) and targeted attacks on small and medium-sized businesses will remain, given their limited defense capabilities.

Source