Sberbank, Russia's Leading State-Owned Financial Institution, Faces Unprecedented DDoS Assault

In an alarming revelation, Sberbank, a major player in Russia's banking sector, disclosed a recent encounter with an extraordinarily powerful Distributed Denial of Service (DDoS) attack, as reported in their recent press release. This assault marked a significant escalation in the series of cyber threats directed at the institution, occurring just two weeks prior.

The onslaught, comprising an unprecedented volume of one million requests per second (RPS), underscored the intensity and sophistication of this latest attack, which the bank’s authorities described as notably more potent than any previously encountered. The bank's officials highlighted the emergence of a new breed of highly skilled cybercriminals responsible for this systematic onslaught against significant Russian resources.

Although the magnitude of this attack was substantial, it paled in comparison to other record-breaking DDoS incidents leveraging cutting-edge techniques such as the 'HTTP/2 Rapid Reset.' Notably, past attacks on other major technology platforms like Amazon, Cloudflare, and Google have reached staggering peaks, with incidents recording requests per second numbering in the hundreds of millions.

Sberbank had previously weathered formidable hacker assaults in 2022, combating massive DDoS waves and mitigating a sizable 450GB/sec attack emanating from a botnet of 27,000 compromised devices. However, the recent blows extend beyond Sberbank, impacting Russia's National Payment Card System (NSPK). An incident on October 30, 2023, involved the unavailability and subsequent defacement of NSPK's website, raising concerns about a potential client data breach.

In a reassuring statement, NSPK clarified that no sensitive customer data was compromised during the attack, as their website does not store such information. They also affirmed that the cyber incident had no impact on their payments system.

Reports from TheRecord indicated that hacktivist groups claimed responsibility for this incident and purportedly gained access to 31 GB of data. This occurrence aligns with a series of escalating cyber conflicts triggered by Russia's actions in Ukraine, showcasing the complex and interconnected nature of modern cyber warfare.