Members
Stats
  • Total Posts: 30606
  • Total Topics: 9053
  • Online Today: 1346
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: The biggest Russian banks under huge DDoS attacks (Sberbank, Alfabank...)  (Read 423 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7411
  • KARMA: 309
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
At least five Russian banks weathered days-long DDoS attacks this week.

A wave of assaults began on Tuesday afternoon and continued over the next two days. Victims include Sberbank and Alfabank, both of which confirmed DDoS attacks on their online services, RT reports: https://www.rt.com/news/366172-russian-banks-ddos-attack/



The attacks were powered by compromised IoT devices, according to an unnamed Russian Central Bank official. Early indications are that the Mirai IoT botnet which disrupted DNS services for scores of high-profile websites in October 2016 may be behind the latest attacks but this is unconfirmed: http://www.theregister.co.uk/2016/10/21/dyn_dns_ddos_explained/

The last DOOS attack on this scale against Russian banks was in October 2015, when eight major institutions were targeted.

David Kennerley, director of threat research at Webroot, commented: "These latest DDoS attacks are extremely similar to the recent ones targeted at Dyn last month, and really drives home the security issues of the Internet of Things. While attacks like these are complicated, there's still an element of basic security that could have reduced success – password management.

"Consumers and end users need to understand the importance of changing your password from the manufacturer's default. If the default password had been changed, many of the webcams and CCTV devices that formed the botnet army would not have been successfully hijacked."

Paul McEvatt, senior cyber threat intelligence manager for Fujitsu in UK and Ireland, added: "The issue is that IoT device manufacturers are failing to implement robust security controls from the outset, whether that's for routers, smart devices or connected cars. Anyone can use online services such as Shodan to look for vulnerable IoT devices, making organisations an easy target for low-level cyber-criminals. The worrying reality is that security is often an afterthought and security fundamentals are still not being followed such as changing default passwords."

(ElReg)

Samker's Computer Forum - SCforum.info

Sponsored Links:




 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising