Over the past few weeks Russian banks have been targeted by several cyberattacks. Some of them were of unusual magnitude, allegedly involving foreign intelligence agencies.
Thus earlier this week VTB, a major state-controlled bank, said that its websites had been hit by a DDoS (distributed denial of service) attack. However, the bank’s IT infrastructure “is working as normal and the bank’s clients are not experiencing any difficulties,” VTB stated, as reported by the news agency Interfax.
Almost simultaneously Bank of Russia, the country’s central bank, revealed that hackers had stolen 2 billion rubles (approximately $31 million at the current exchange rate) from correspondent bank accounts. The hackers — who initially intended to take as much as 5 billion rubles — reportedly forged a client’s credentials to get access to the accounts.
Just days before, the Federal Security Service (FSB) had warned that cyberattacks were being prepared by foreign intelligence agencies in an attempt to destabilize Russia’s financial system.
As reported by RT, the secret service claimed to have established that the servers and command centers to be used for the cybeattacks were located in the Netherlands, and belong to Ukrainian hosting company BlazingFast.
The FSB, the ministry of communications and the central bank announced measures to neutralize these threats.
In early November, five of Russia’s largest banks were hit by a major cyberattack. According to Kaspersky Lab, the attack involved a botnet consisting in more than 24,000 located in 30 countries. These included, in particular, India, Israel, Taiwan and the USA.
Hacking services from $25 a day
Apparently more modest means were used by a hacker calling himself Vimproducts, who claimed to have taken offline a selection of Russian banking and other financial websites on US election day.
The targeted sites included those of the Moscow Exchange, the Bank of Moscow, Rosbank and Alfa-Bank.
“Russia is bothering some clients with their effects on the US election,” he said in an online exchange with Motherboard, an international tech publication, to explain the attacks.
Vimproducts did not reveal how much his alleged clients had paid for these attacks. He usually charges $25 or $150 a day depending on the attack and site, according to his profile on AlphaBay, a dark web marketplace, but these attacks “obviously cost more,” he told Motherboard.
Criminals stole nearly $44 million directly from Russian banks in the last half of 2015 and the first half of 2016, up 292% from the same period a year earlier, according to Moscow-based cybersecurity company Group-IB. Meanwhile, thefts from individual online banking accounts went down 83%, to $0.1 million, and thefts from business bank accounts fell 50% to $17 million.
The threat, however, is global, with Russian cybercriminals field testing their attack techniques on local banks before taking them beyond Russia, notes online publication CSO.
