Monobank, one of Ukraine’s prominent online banking services, recently faced a significant distributed denial-of-service (DDoS) attack. Beginning on Friday evening and lasting through Monday morning, the attack involved a staggering 7.5 billion requests per second. Oleh Horokhovskyi, the bank’s CEO, mentioned that such a massive-scale attack was unusual. However, according to Horokhovskyi, the operations of the bank remained unaffected due to rapid collaboration with Ukraine’s security services and Amazon Web Services. There is some disagreement in various media reports on the effects the attack had on the consumer-facing services of the bank.
The attempt to flood the bank with junk internet traffic primarily aimed to disrupt a specific service used by many Ukrainians to raise donations for the military. As a mobile-only bank, Monobank’s infrastructure is vulnerable to such attacks. During a previous incident in January, the bank faced 580 million service requests over three days.
Key Points:
Horokhovskyi pointed out that this particular attack aimed at hindering the platform used to collect military donations. This service utilizes virtual wallets, making it easy to share and contribute through social media platforms like Instagram. Since Ukraine’s recent incursion into Russia’s Kursk region, the donation rate from customers tripled.
The ongoing donations via Monobank have likely frustrated adversaries, prompting the cyberattack. While Monobank hinted that Russia might be behind the attack, no concrete evidence has been presented. Horokhovskyi labeled Monobank as one of Ukraine’s IT targets facing frequent attacks.
Comparative Incident :
Another Ukrainian entity, EasyWay, which provides public transport information, reported a DDoS attack on the same weekend. The attack posed a potential risk to their operations, but like Monobank, they did not identify a specific group as responsible.
Interestingly, Russian services are also dealing with DDoS attacks, often originating from Ukraine. For instance, government websites and critical infrastructure in Russia’s Kursk region were targeted following Ukraine’s military activities. Large Russian banks confirmed experiencing DDoS attacks, which disrupted their mobile apps and websites.
Broader Context :
This ongoing cyber retaliation reflects the escalating cyberwarfare between Ukraine and Russia. Both countries experience cyberattacks aimed at digital banking services, government websites, and critical infrastructure.
In summary, Monobank’s latest incident underscores the persistent cyber threats faced by Ukraine’s online banking sector. The collaboration with security services and tech companies like Amazon Web Services played a pivotal role in mitigating the attacks, preserving operational integrity despite the high volumes of malicious traffic. Both Ukrainian and Russian services continue to navigate the complexities of these cyber challenges amidst the broader geopolitical conflict.
Monobank quickly identified the onset of the Distributed Denial-of-Service (DDOS) attacks and implemented emergency protocols to mitigate the effects. Their team collaborated with Amazon Web Services to manage the vast number of requests, ensuring that the core banking services remained operational despite the disruptions. This quick response helped to minimize the impact on their customers.
The DDOS attacks temporarily overwhelmed Monobank’s infrastructure, causing delays and intermittent service issues. Although the core banking functions were largely unaffected, the sheer volume of fake traffic created challenges in maintaining seamless service. Other Ukrainian banks experienced heightened security measures and possible slowdowns as they also prepared for potential threats.
Ukrainian banks, including Monobank, are enhancing their cybersecurity strategies. They are investing in advanced firewall technologies, regular security audits, and collaboration with international cybersecurity firms. These measures aim to fortify their networks against similar future attacks and ensure continuous service delivery to customers.
Monobank’s co-founder and CEO, Oleh Horokhovskyi, has been transparent about the attacks. He confirmed the timeline and scale of the DDoS events and assured customers that steps were being taken to address and prevent further disruptions. The official statements aimed to reassure the public and maintain trust in their banking services.
The attacks on Monobank have prompted other Ukrainian financial institutions to bolster their defenses. While there have been no reports of similarly scaled attacks on other banks, the heightened awareness and readiness across the sector illustrate the broader impact. These institutions are now more vigilant and proactive in their cybersecurity measures to prevent similar incidents.
705-325-6100
8 Westmount Drive South, Unit 4
Orillia, ON L3V 6C9
Website, Branding, Graphic Design and Strategic Content Development by Orillia Computer
Copyright Orillia Computer 2024. All rights reserved.
1000282541 Ont. Ltd DBA Orillia Computer