All news

Russia registered most powerful cyberattack from abroad on presidential election day

The cyberattack used a botnet of 30,000 computers situated in 86 various countries

MOSCOW, January 31. /TASS/. The most powerful cyberattack from aboard was launched on the day of Russia’s presidential elections in March 2018 to discredit the election results, Deputy Director of the National Coordination Center for Computer Incidents Nikolai Murashov said at the National Information Security Forum, Infoforum-2019, on Thursday.

The Center had registered cyberattacks from abroad since June 2017 against the national segment of the Internet, Murashov said.

The first peak of this cyberattack was registered on the day when the Russian president held his annual Q&A session on June 15, 2017, he said.

"Thanks to the technical measures taken in advance, the cyberattack did not affect such an important event," Murashov said.

"The peak of a new cyberattack wave was registered on March 18, 2018, the day of the Russian presidential elections. The attack aimed to disrupt video surveillance over the voting process across the country which could have unleashed a campaign for discrediting the election results," the Center’s deputy director said.

The cyberattack used a botnet of 30,000 computers in 86 countries. The bot daily generated 15,000 queries for DNS-servers, which created outmost loads, Murashov said.

Over six months, Russian specialists halted the operation of 50,000 sources of cyberattacks and exposed the use of 30,000 domain names by perpetrators. The specialists analyzed 100 samples and 4 modifications of the malware and notified 85 national groups of response to computer incidents about their results, he said.

"As a result, a system of technical measures was introduced. It helped prevent the disruption of the national segment of the Internet," Murashov explained.

The National Coordination Center for Computer Incidents was set up in September 2018 by order of the FSB (Federal Security Service) after a decree by the Russian president on establishing the State System of Detecting, Preventing and Eliminating the Consequences of Computer Attacks on Russia’s Information Resources (abbreviated as GosSOPKA in Russian).