Sberbank‘s vice president and director of the cybersecurity department, Sergei Lebed, announced that the company is under heavy DDoS attacks and new cybercrime tactics. Lebed made the announcement during the Positive Hack Days 11, an international forum on practical cybersecurity, in which Sberbank has taken part. The company is Russia’s biggest banking and financial services company, also one of the biggest in Europe.
450+ gigabytes per second
Lebed stated that Russian companies experienced an explosive growth of cyberattacks after Russia’s decision to invade Ukraine. The company repelled the biggest DDoS attack in its history, measured at 450+ gigabytes per second on May 6. The traffic generated by the botnet originated from more than 27,000 devices located in Taiwan, the US, Japan, and the UK.

Lebed also stated that new tactics and tools are also being used, such as code injections into advertising scripts, using a malicious Google Chrome extension, using ready-made docker containers with customized attack tools. Sergei Lebed, vice president and director of the cybersecurity department at Sberbank said,
« While one DDoS attack per week was registered before February 24, already in March we recorded up to 46 simultaneous DDoS attacks on different Sberbank services. The attacks used a wide range of tools, including malicious code embedded in the browsers of users who visited online movie theater sites.
Today, the bank faces cyberattacks around the clock. The Sberbank Security Operation Center analyzes cyber threats 24/7 and promptly responds to them. However, when it comes to companies in other sectors, most of them have never encountered anything like this before and may really suffer damages. »