Gazprombank complained about a powerful DDoS attack

On September 6, bots were set on the services of Gazprombank. As a result of a DDoS attack, the company’s website, call centre and SMS provider were affected. The information security department of Gazprombank complains that the security forces do not help businesses in the cyber war.

“Gone are the days when the threat model consisted of crime and the goal was profit. Now, these are politically savvy groups with the idea of ​​bringing down something, doing something bad,” Alexander Yegorkin, First Vice President of Gazprombank, began his speech at the Business Information Security Summit with these words.

Egorkin spoke about the large-scale DDoS attack that Gazprombank services suffered on September 6th. The hacktivists set up thousands of bots that simultaneously filled out questionnaires on the bank’s website. The attackers entered data from the leaks of the ISP into the form, and the ISP automatically sent messages to the specified phone numbers.

As a result, the website and the call centre of Gazprombank, as well as the SMS provider itself, “fell down”, says Egorkin.

“We must pay tribute, the attackers were seriously preparing,” Yegorkin justifies himself. On the same day, the client bank and the firewall of Gazprombank were attacked. According to the top manager, the restoration work took about four hours.

Egorkin believes that in today’s difficult conditions of cyber warfare, banks are left face-to-face with hacktivists. Power structures do not pay due attention to either prevention or investigation of incidents.

We were “didosilied” from Russian, Belarusian and Chinese IP addresses, the information security specialist adds. “ Internet proxies” and law enforcement agencies could quickly find an attack control centre and block the server. But nobody does this.

“Every man is for himself in this cyberspace,” Yegorkin regrets.

The representative of Gazprombank believes that the state should actively help businesses in the fight against attacks.

Already at another discussion, the participants of the round table “IS landscape and strategy through the voices of practitioners” were asked whether the state should interfere more in the “showdown” of big businesses with cybercriminals.

Large financial and commercial organizations should assess their risks themselves, said Roman Morozov, head of the Information Security Department of the Security Department, Capital Group.

The state is already doing enough, other speakers added.

A representative of a commercial bank in Kyrgyzstan also complained about the increase in attacks.

“ All the scammers who had previously terrorized Russian users with their calls have switched to our citizens,” said Batyrbek Abdrashitov, head of the IS Service. “Including because the official state language in Kyrgyzstan is Russian.”

The swindlers scaled their scenarios to Kyrgyz citizens.

After the introduction of anti-Russian sanctions, Kyrgyzstan became a springboard for supporting banking services “withdrawn” in Russia, recalls Abdrashitov. At the same time, the risks have increased.

“It would be useful and pleasant for us to take part in cyber exercises together with Russian colleagues,” adds Abdrashitov.

Businesses also have questions about import substitution, which is now commonly called “digital independence”.

In Gazprombank, more than half of the systems have already been imported, says Egorkin. A few dozen more products are being tested. According to the top manager, the main complaints about Russian solutions are load characteristics, poor functionality, failures and an “unfriendly” interface.

Yuriy Zabavin, head of the IB department at RusGazShelf, agrees with this assessment:

“Many Russian solutions that our vendors now offer instead of the departed ones have crutches. Many top solutions have left the market. The Russians cannot fully replace it. The interface and load characteristics do not cope, and much is under development. We are looking for domestic analogues that would satisfy us. But many foreign money decisions were cheaper than ours. Now I am budgeting. I don’t know yet how I will defend this budget if decisions in 2022 for the same number of people cost much more than in 2021.”

Restrained emotions were aroused among business representatives by the initiative of turnover fines for leaks. At the first plenary session of BISS’22, the regulators actively demanded more accountability for the players.

According to the vice president of Gazprombank, if the bank has implemented all the necessary information security solutions and meets the requirements, there is nothing to punish it for.

“Any system is vulnerable,” says Egorkin. – Anyone who says that it is possible to build an invulnerable system does not understand anything in information security. With unlimited money and time resources, you can hack any system.”

In addition, high turnover fines can provoke blackmailers, participants in the discussion say.

Turnaround fines for leaks is a philosophical question, there is no ready-made solution yet, cybersecurity experts from business concluded.

Catch up on more articles here

Follow us on Twitter here


Must read


Related Posts