Russian telecom giant repels DDoS attacks on country’s 5 largest financial institutions
All the attacks were recorded on December 5, 2016, the longest of them lasting for over two hours, Rostelecom said on Friday.
“The analysis of the attack sources carried out by Rostelecom specialists revealed that the traffic was generated from the home routers of users who are usually referred to IoT devices,” Muslim Medzhlumov, director of the Cybersecurity Center for Rostelecom, said in a statement, published on the company’s website.
“A distinctive feature of the attacks was that they were organized with the help of devices that support the CWMP Management Protocol (TR-069). A few weeks ago, a serious vulnerability was revealed in the implementation of this protocol on a number of devices from different manufacturers, which allows attackers [to] organize DDoS-attacks. At the beginning of last week, the largest German operator Deutsche Telecom was subjected to an attack on users’ home devices, as well as the Irish provider Eircom,” he explained.
The Russian Federal Security Service (FSB) reported on December 2 that it had received intelligence of foreign intelligence services preparing large-scale cyber-attacks in Russia in the period starting from December 5, 2016, aimed at destabilizing Russia’s financial system and the activities of a number of major Russian banks.
A RIA Novosti source close to the Central Bank reported that the Bank of Russia recorded several attacks on December 5 on the site of VTB Bank Group.
On Tuesday, Russian President Vladimir Putin signed into effect an updated doctrine on information security. It states that the limitless flow of information has a negative impact on international security, as it can be employed to pursue geopolitical and military goals, thus favoring organized crime, extremists and terrorists.
The doctrine notes that Russian government agencies, scientific centers, and military industries are being targeted by foreign intelligence services by means of electronic and cyber surveillance.
To counter threats and challenges in the information environment, Russia will build “strategic deterrents” and step up efforts to “prevent armed conflicts that stem from the use of IT.”
The doctrine also instructs government agencies to strengthen critical information infrastructure to protect against cyber and computer network attacks.