Sberbank, a State-Owned Russian Bank, Suffers a DDoS Attack with 1 Million RPS
The attack unleashed a million requests per second (RPS), quadrupling the magnitude of any past attack on the bank. Sberbank suspects that new, highly proficient hackers are directing their efforts towards major Russian resources.
Sberbank, Russia's preeminent financial institution and a state-owned banking behemoth, recently endured what it has labeled as the most intense distributed denial of service (DDoS) attack it has ever faced. The assault unleashed a staggering one million requests per second (RPS), quadrupling the magnitude of previous attacks encountered by the bank.
As Russia's largest bank, Sberbank holds a significant portion of the nation's financial assets. In the wake of Russia's military actions in Ukraine, the bank has been subjected to international sanctions and targeted attacks by hacktivist groups aligned with the West.
According to reports from the Russian news agency Interfax, this latest cyber onslaught presented a new level of sophistication, perpetrated by previously unknown attackers exhibiting advanced cyber capabilities.
While the one million RPS mark is indeed noteworthy, it pales in comparison to the colossal DDoS attacks that have recently hit the headlines, leveraging the 'HTTP/2 Rapid Reset' technique to generate up to a hundred times more impact.
Amazon Web Services, Cloudflare, and Google have each mitigated attacks with peak RPS in the hundreds of millions, showcasing the escalating scale of cyber warfare in the digital age.
Back in May 2022, Sberbank withstood a DDoS bombardment that reached speeds of 450GB/sec, powered by a botnet consisting of 27,000 hijacked devices. This attack primarily aimed at disrupting the bank's online customer services.
More recently, Russia's financial infrastructure suffered another digital blow when the National Payment Card System (NSPK), which operates the Mir payment card system, saw its website compromised and defaced with messages hinting at a data breach affecting clients.
NSPK, however, reassured the public that no sensitive customer data was at risk, as the affected website does not retain such information. They further confirmed that the payment system's operations remained unaffected by the cyberattack.
Hacktivist entities from 'DumpForums' and the Ukrainian Cyber Alliance have since claimed responsibility for this breach, alleging the exfiltration of 31 GB of potentially sensitive data, as reported by TheRecord.