Russian organizations were deluged with web and DDoS attacks last year in a bid to disrupt operations, deface websites and “sow panic,” according to the country’s largest internet service provider (ISP).
Rostelecom said in a new report that in 2022 it recorded “a record-breaking DDoS attack in terms of power and duration.” The most powerful attack was 760Gb/s – around twice as big as 2021’s top attack, it added.
The longest DDoS lasted 2000 hours, or around three months, the report noted.
The ISP said it analyzed data on almost 600 companies from industries including telecoms, retail, finance and the public sector, and recorded 21.5 million web attacks in total.
The vast majority (79%) of these were DDoS, although vulnerability exploitation including SQL injection, path traversal, local file inclusion and cross-site scripting made up another 11%. OS command injection attacks comprised a further 10%.
Rostelecom said that many of these bugs could lead to hackers taking full control of an affected system and stealing user data.
Most DDoS attacks used a “carpet bombing” tactic of targeting multiple IP addresses for a single organization within a short timeframe, the ISP said. However, after a sharp spike in attacks in the first two quarters of the year following the invasion of Ukraine, attacks apparently became more targeted and sophisticated.
“Websites of Russian companies have become a key target for hackers. The latter actively used DDoS and web attacks to make online resources inaccessible to users, thus disrupting the work of companies and organizations and sowing panic in society,” Rostelecom said.
“Hacktivists used defacement by posting provocative content on popular websites.”
Both sides have used DDoS attacks in an attempt to gain a strategic advantage, although it suits Russia’s narrative to portray itself as a victim.
Ukraine’s efforts have been bolstered by an “IT army” of volunteers from around the world, coordinated via a Telegram channel, while Russian online aggression has also seen targets in countries allied to Ukraine hit by hacktivist outfits loyal to the Kremlin.
This included a major DDoS campaign against US airports by the prolific Killnet group.
That’s not to say Russian organizations haven’t also suffered: among those recording major DDoS attacks were the country’s second-largest bank VTB and a critical state alcohol distribution portal.