Sberbank, Russia’s largest bank, experienced a monumental Distributed Denial of Service (DDoS) attack, reaching an unprecedented peak of one million requests per second. This attack occurred in the midst of the ongoing Russia-Ukraine conflict and is suspected to be the handiwork of Pro-Ukraine hacktivists. Herman Gref, the CEO of Sberbank, confirmed the incident, describing it as their most potent attack thus far.
On October 30, 2023, just two weeks before this event, the National Payment Card System’s (NSCP) website, Mir, fell victim to a cyberattack. The attackers claimed to have utilized NSPK customer data for the attack, an allegation that Mir promptly refuted.
Sberbank has a history of combating significant cyberattacks. In May 2022, the bank successfully managed a massive DDoS attack that peaked at an astonishing 450 gigabytes per second. This attack was executed using a botnet consisting of more than 27,000 infected devices.
The recent assault on Sberbank bears resemblance to similar incidents faced by tech giants like Google, Amazon, and Cloudflare. These companies have reported successfully countering DDoS attacks utilizing the HTTP/2 Rapid Reset technique capable of handling up to 398 million requests per second. This particular type of attack relies on exploiting the stream cancellation feature of HTTP/2 to initiate a Denial of Service (DOS) condition.
The escalating frequency and severity of these cyberattacks underscore the growing cybersecurity threats faced by global financial institutions amidst geopolitical conflicts.
Please note: Any disclaimers or messages indicating adherence to guidelines are not included in the generated response.