Five major Russian banks were targeted late last week by a botnet made up of 24,000 computers and IoT devices. The attacks came from devices in 30 countries, including the United States, India, and Taiwan.
The attacks took the form of distributed denial-of-service (DDoS), which sends millions of requests to servers, taking them offline. From there, hackers may be able to compromise systems and steal information, but the five banks have denied that any customer information has been stolen.
Sberbank, Alfa Bank, the Bank of Moscow, Rosbank, and the Moscow Exchange were all targeted in the attack, and websites were forced offline for several hours. The attack started on November 8, and it took two days for systems to normalize.
Kaspersky Lab, a Russian security firm, said that at its peak the botnet was sending 660,000 requests per second. Like the attack that took Netflix, Twitter, and Pinterest offline, this one used IoT devices, but it was not at the same scale.
“These are complex attacks that are virtually impossible to stop with standard tools available to communications providers,” said Kaspersky Lab to Tass, a Russian state news agency.
Kaspersky calls this “calm before the storm”
Kaspersky has also warned that this could be the calm before the storm, hinting that a larger attack may be coming in the next week. Whoever controls the botnet may be scouting to see how fast the banks react to DDoS attacks.
Botnets are starting to become a major problem for the web, as more devices come online with poor security credentials. The surge in IoT devices has provided hackers with oodles of connected devices that can be compromised easily.
The U.S. government issued warnings to the makers of these insecure devices, and the Department of Homeland Security plans to publish guidelines for how to encrypt and secure devices. We have yet to see how Russia will make sure its own systems and devices are safe from botnets.