Hackers began to attack agricultural and logistics companies more often


The number of network cyberattacks on Russian companies in the second quarter increased by about 40% compared to the same period last year and by more than 13% compared to the beginning of 2023. The direction of the main blow has shifted from entertainment resources to the services of the agricultural sector, educational institutions and logistics companies. Cyber ​​defense methods become outdated quickly, and attacks are often successful, as was the case at the beginning of the month with the network resources of Russian Railways.

The number of DDoS attacks (attacks on the server according to the “denial of service” model) for the second quarter of 2023 increased compared to the same period last year from 120 thousand to 176.3 thousand, by 46%, according to a study by a vendor of DDoS cybersecurity solutions -Guard. Relative to the first quarter of this year, the growth was 13.5%, and their average number per day – 11.7%. If in the first quarter of 2023, hackers most often attacked regional media and entertainment services, such as online cinemas or game servers, then in the second quarter, attackers switched to universities, travel services and agriculture, the company notes.

At the end of last – beginning of this year, there was a tendency to reduce the number of attacks with a simultaneous increase in their complexity and targeting accuracy, but in the second quarter the trend changed again, explains Alexander Lyamin, CEO of Qrator Labs: “The number of attacks began to grow again, and business motives and various seasonal changes, and not geopolitical factors, as before. Industries such as travel services, education, and logistics had the largest number of attacks in the second quarter, he confirms.

So, since April, the AgroSignal service of the Russian company InfoBis, which develops and implements information systems in agriculture, has been attacked more than 20 times, and malicious traffic exceeded 5 Gbps, while usually communication channels are designed to pass up to 1 Gbps. /s, shared in DDoS-Guard. “Tools for precise agronomic work and cost control improve the quality characteristics of crop products,” says Denis Sivtsov, head of network protection at the L3-4 DDoS-Guard level. According to him, in the event of a long downtime and unavailability of the service, agribusiness will suffer multimillion-dollar losses.

In AgroSignal, “Kommersant” was told: “The unpleasantness of the attack was temporary difficulties with logging in for users.” However, the level of security at the time the attacks began made it possible to prevent damage, for example, data corruption, said Vladimir Korshunov, CEO and co-founder of AgroSignal.

More significant was the cyberattack on the IT resources of JSC Russian Railways, through which the company, among other things, sells tickets. Russian Railways reported failures in the operation of the website and mobile application on the morning of June 5, by the evening of the same day, most of the services were restored, but the company warned: “Due to the increased load on the company’s information resources, some difficulties may still be observed” (see. “Kommersant” dated July 5). The next day, the company again reported disruptions. Russian Railways did not respond to Kommersant’s request.

“As is usually the case with large corporations, Russian Railways was preparing for the “last war,” says Kommersant’s interlocutor in the cybersecurity market. He explains that the methods that in February 2022 helped to reduce the load due to cyber attacks – for example, blocking traffic from abroad via GeoIP – are now completely ineffective, but a number of companies continue to use them.

Intensive cyberattacks on the Russian IT infrastructure have been going on since last year. To reduce the risks of cyberattacks, the Main Radio Frequency Center (GRC, subordinate to Roskomnadzor) ordered the creation of the National DDoS Attack Countermeasures System for 1.4 billion rubles in the spring. The deadline is indicated no later than March 12, 2024 (see Kommersant dated June 13).

Tatyana Isakova

Leave a Reply

Your email address will not be published. Required fields are marked *