The largest banks of Russia in tens of cities have become targets of massive cyber attacks prepared by the foreign intelligence agencies, according to the Federal security service (FSB). According to her, the attack must begin on 5 December.
“As a result quickly-investigation actions it is established that the server power and command centers for cyber-attacks located in the territory of the Netherlands and belong to a Ukrainian hosting company BlazingFast”, — stated in the message Department.
According to the FSB, a cyber attack must be accompanied by a mass sending provocative SMS messages and stuffing in social networks information on bankruptcy and revocation of the licences of the leading banks of Federal and regional significance and the crisis of the financial system. The Agency announced the adoption of the necessary measures to neutralize threats to economic and information security.
For its part, the Ukrainian company Blazingfast confirmed “RIA Novosti”, that her clients in the Netherlands. “We have mostly foreign customers. We have a little Russian or Ukrainian clients… Yes, we have in the Netherlands. You called and this information is already somewhere there, then we’ll begin to test this whole thing”, — said the Agency an unnamed representative of the company.
“To wreak havoc”
The press service of the Bank of Russia on Friday afternoon reported that the regulator has complete information about the threat and gave necessary guidance to the banks. “The situation is under control”, — said the press service of the Central Bank. She also noted that attempts to destabilize Russia’s financial system has been in the past, including at the end of 2014, when the joint action of the credit institutions with the support of the Bank of Russia allowed “to resist the development of negative trends caused by the directional information attack”.
The Association of Russian banks (ARB), citing data from the FSB and the Central Bank warned that hackers are preparing attacks on the websites and mobile services banks and sending “hundreds of thousands of SMS messages” and “mass publication” social networks “sowing panic and calling for mass closure of deposits”.
“Attackers could spread false information about the lack of cash in ATMs of some banks, the “leak” on the introduction of restrictions on the issuance of funds and closing of branches of some banks, on receiving from supposedly reliable sources of information about the races of the ruble and what they plan to limit the issuance of currency. This false information may be followed by comments from supposedly worried citizens proving this false information”, — stated in the message ARB received .
The names of the banks in respect of which, according to the FSB, he was preparing an attack, the secret services are not specified. The press service of Sberbank said on 2 December that the lender has not imposed any restrictions after the news of the FSB and is operating normally. Comment on “communication relating to the competence of law enforcement agencies”, the press service of Sberbank did not.
The press service of VTB group, said on the “guaranteed full protection and operations” of the Bank. The head of VTB Andrey Kostin said that the banking group receives information about impending attack “very seriously”. “I talked with our offices, we have no such facts yet, but we are ready. We do have a reliable security system, and all the previous attempts, in General, had no success,” he told journalists (quoted by “Interfax”). Kostin also expressed confidence that other major banks, “too, their systems are kept always in readiness”.
The representative of Alfa-Bank said that the Bank’s management has detailed information about the planned cyber attacks and potential information stuffing that can accompany these attacks. “We believe that this will be one of the previously known varieties of attacks, but stronger in power and duration,” said the representative. According to him, for protection from such threats, the Bank uses multi-level security system. “We are confident that it will enable us to prevent the negative consequences from cyber attacks and to ensure continuity of service to our customers”, — said representative of Alfa-Bank.
In a press-service “FC Opening” have informed that have information about the threat of cyber attacks, adding that the Bank “was built and constantly improved multilevel system which allows you to repel the attacks kiberprestupnikov”. “The Bank is aware of, and all necessary measures to protect regularly taken,” — said the press service of the UniCredit Bank. Head of external communications Sovcombank Maria Maksimova refused to comment.
The press service of AK BARS Bank said that the warning of impending cyber attack in the Bank were reported. “In order to further strengthen and prevent possible DDoS-attacks on information resources of the Bank duty service are on high alert,” — said the press service.
In ROSBANK, Bin Bank, Promsvyazbank, Rosselkhozbank, Swashbot, Moscow credit Bank, Mosoblbank, banks “URALSIB”, “Russia”, “Saint Petersburg”, “Russian standard”, the Ural Bank for reconstruction and development, “Ugra” National clearing centre the requests for review have not yet responded.
“Forewarned is forearmed”
Exactly who might be behind the attacks, which warns of the FSB, at the moment, hard to say, said the development Manager of international business Group-IB company Victor Ivanovo. In any case, at the end of the year the Russian banking system is becoming very attractive for hacker attacks, including those aimed at robbing, he said.
“Most likely, the main target of attacks, which the FSB says, is to provoke the flow of customers to the banks, wanting to withdraw their money,” — said the analyst. According to him, it directly alludes to the phrase that the attack will be accompanied by a mass mailing of SMS-messages and provocative publications in social networks. Usually held parallel to and hacking into the internal system of the Bank to its customers could not use banking services and, again, went to branch to close their deposits, added Ivanovo.
“Usually the vast majority of Russian banks say they are well protected from cyber criminals. But are they all the requirements of the Central Bank on information security, not until it becomes aware of new successful attack,” said Ivanovsky.
Banking systems are protected reliably, and besides, “forewarned is forearmed,” said the Deputy Director General of InfoWatch Rustem Khairetdinov. “Attacks in social networks is quite simple and effective — a fake news about the withdrawal of licences, termination of transactions on the cards, restrictions on withdrawals, etc., or inside of the type “my mom’s friend works in a Bank and you take all the money” that are planted in top bots managed to a critical mass, after which users of the social networks themselves are beginning to distribute them. It was important for banks to warn their customers and be prepared for communications during information attacks in social networks, through call-center and in the media,” said Khairetdinov.
The state Duma Committee on budget will apply to the Bank with the requirement to submit the entire list of measures to protect the banking system against cyber attacks, said at the plenary session of the Duma on Friday, the Chairman of the Committee Andrey Makarov. According to him, the threat of cyber attacks on the banking system is “a systemic threat”. According to him, in November, the banking system has already been attacked. Makarov did not rule out that happening — the promised response from the US authorities on the election of a cyber-attack in which he accused the authorities of Russia.
The attack on the democratic party
Earlier, the US government has repeatedly accused Russia of involvement in the hacking of computer networks of the political parties of the United States, in particular electronic correspondence of the leaders of the Democratic party, and U.S. government resources. “As I said, was clear evidence that they (Russian hackers. —) involved in the cyber attacks. This is not a new phenomenon for Russia,” — said in mid-November at a press conference in Berlin, US President Barack Obama.
In early November, U.S. Secretary of state John Kerry said that Washington will respond to Moscow on cyberattacks by hackers in a “timely manner”. “This measure will be adopted in the terms set by the President and may not be visible to you,” he said. Kerry stressed that there is no question that “just sitting”, not “accepting responses.”
In November, Deputy chief of the security and protection of Bank of Russia Artem Sychev said that the Bank together with the FSB, the Investigative Committee and the interior Ministry developed a document that will allow us to share evidence of cyber attacks on banks, the investigation authorities and use them as evidence in court.
November 9 “Kaspersky Lab” reported about a series of hacker attacks which were made on the servers of five of the ten largest banks in the country.