Russian banks floored by withering DDoS attacks
IoT blamed. Again.
At least five Russian banks weathered days-long DDoS attacks this week.
A wave of assaults began on Tuesday afternoon and continued over the next two days. Victims include Sberbank and Alfabank, both of which confirmed DDoS attacks on their online services, RT reports.
The attacks were powered by compromised IoT devices, according to an unnamed Russian Central Bank official. Early indications are that the Mirai IoT botnet which disrupted DNS services for scores of high-profile websites in October 2016 may be behind the latest attacks but this is unconfirmed.
The last DOOS attack on this scale against Russian banks was in October 2015, when eight major institutions were targeted.
David Kennerley, director of threat research at Webroot, commented: "These latest DDoS attacks are extremely similar to the recent ones targeted at Dyn last month, and really drives home the security issues of the Internet of Things. While attacks like these are complicated, there's still an element of basic security that could have reduced success – password management.
"Consumers and end users need to understand the importance of changing your password from the manufacturer's default. If the default password had been changed, many of the webcams and CCTV devices that formed the botnet army would not have been successfully hijacked."
Paul McEvatt, senior cyber threat intelligence manager for Fujitsu in UK and Ireland, added: "The issue is that IoT device manufacturers are failing to implement robust security controls from the outset, whether that's for routers, smart devices or connected cars. Anyone can use online services such as Shodan to look for vulnerable IoT devices, making organisations an easy target for low-level cyber-criminals. The worrying reality is that security is often an afterthought and security fundamentals are still not being followed such as changing default passwords." ®