Russia suffered record number of DDoS attacks last year: report
Russia’s private businesses and state services faced a record number of distributed denial-of-service (DDoS) attacks last year, fueled by pro-Ukrainian hackers, according to a report published this week by Russia’s largest telecom provider Rostelecom.
At the beginning of the war, DDoS attacks against Russia were massive and unsophisticated, according to cybersecurity experts. But throughout 2022 they became more destructive and targeted, Rostelecom said, with its experts identifying at least 21.5 million critical web attacks.
Rostelecom researchers analyzed DDoS attacks between January and December last year that targeted about 600 Russian organizations from various industries, including finance, education, and government services.
The goal of these attacks — which work by flooding victim sites with junk traffic, making them unreachable — is "to make Russian websites inaccessible to users, thereby disrupting the work of companies and organizations and sowing panic in society," the report said.
Since Russia invaded Ukraine a year ago, both countries have seen a surge in tit-for-tat cyberattacks. DDoS attacks in particular have been popular among unskilled and politically motivated hacktivists.
DDoS in Russia
The Russian public sector suffered the most from cyberattacks, especially at the beginning of the war, Rostelecom said. DDoS attacks on Russian government services accounted for an estimated 30% of all attacks of this type, and attacks on the sector were up twelvefold compared to the previous year.
DDoS attacks on state services "create nervous tension in society," cause "irritation and panic among users," and "undermine the reputation of the government," according to Rostelecom.
Among other popular targets were Russian financial and educational services, including university websites.
Most DDoS attacks were not very powerful and did not last long, but there were exceptions — one attack lasted almost three months.
In addition to DDoS attacks, Russian organizations have also suffered from an "unprecedented" number of data leaks.
Over the past year, hackers have leaked the data of three out of every four Russian citizens, according to the Russian data leak monitoring service DLBI. These leaks contained passwords, information about the use of various online services, and contact information, including 99.8 million unique email addresses and 109.7 million unique phone numbers.
The founder of DLBI, Ashot Oganesyan, linked the growth of data leaks with the activities of pro-Ukrainian hackers.
“Many Russian companies, including the largest ones, turned out to be unprepared to protect their data, which led to such large-scale leaks,” Oganesyan said in an interview with the Russian news agency Interfax.
Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.