Cybersafetyconnections September 16,2024 vol#186 

  • From Konbriefing there was a cyberattack on a telecommunications provider in Russia that impacted WhatsApp and Telegram. 
  • This cyberattack affected online service WhatsApp and Telegram in Russia. 
  • Denial-of-service (DDoS) was reported as the source of cyberattack. 
  • No cybercriminals have claimed responsibility for the attack. 
  • Here is how the loss from the cyberattack was mitigated. 

What happened? 

Designer on Copilot powered by DALL-E3 

DerStandard.de reported that according to the Russian state media regulator Roskomnadzor, a cyber-attack resulted in a temporary, widespread disruption of the online services Telegram and WhatsApp in Russia. 

Who was impacted? 

ImageDesigner on Copilot powered by DALL-E3  

Telegram and WhatsApp users in Russia. 

Why did this happen? 

What we know about the cyberattack is that the Russian authority blamed the disruption on a “DDoS attack on Russian telecommunications providers. Denial-of-service (DDoS) attacks normally hold up access to a system by flooding it with requests. 

Which cybercriminal group was responsible? 

   Designer on Copilot powered by DALL-E3  

No cybercriminal group/perpetrator has claimed responsibility for the attack. 

How was loss from the cyberattack mitigated? 

OWASP Threat and Safeguard Matrix 

Roskomnadzor reported that the attack was driven away, and the services resumed their normal operations. 

  • Notably, this type of cyber-attack is considered rare in Russia.  
  • The Kremlin had increased its control over the internet since the war in in Ukraine in February 2022, which led to banning several online services such as Facebook, Instagram, and X.  
  • Still these websites remain accessible via VPN connections. 
  •  While the video platform YouTube was not subject to a ban, there were circulating rumors regarding a potential ban.  
  • In March 2022, Roskomnadzor had accused Google and YouTube of engaging in “terrorist” activities.  
  • Again, Ukraine has experienced numerous cyberattacks since the commencement of the Russian offensive, with government websites often being the primary targets. 
  •  Ukrainian authorities have always accused Russia of having a hand in these incidents, a claim that Moscow refutes. 

As usual, my partner in blogging Copilot has this to say about loss mitigation strategies: 

Howdy! To prevent and mitigate loss from a DDoS attack, especially one affecting critical services like WhatsApp and Telegram, here are some key strategies: 

  1. Implement DDoS Protection Services: Use specialized DDoS protection services that can detect and mitigate attacks in real-time. These services can filter out malicious traffic before it reaches your network1
  1. Scalable and Distributed Infrastructure: Distribute your network infrastructure across multiple data centers and use load balancing to manage traffic. This helps in absorbing and mitigating the impact of DDoS attacks1
  1. Rate Limiting: Limit the number of requests a user can make to your server within a specific time frame. This can help prevent your servers from being overwhelmed by malicious traffic1
  1. IP Blocking and Filtering: Block traffic from known malicious IP addresses and use firewalls to filter out suspicious traffic2
  1. Traffic Monitoring and Anomaly Detection: Continuously monitor network traffic for unusual patterns and spikes. Early detection of anomalies can help in responding to attacks more swiftly1
  1. Redundancy and Failover: Ensure you have redundant systems and failover mechanisms in place. This can help maintain service availability even if one part of your network is under attack2
  1. Regular Updates and Patches: Keep all systems and software up to date with the latest security patches to protect against known vulnerabilities3
  1. Incident Response Plan: Develop and regularly update an incident response plan. This should include steps for identifying, mitigating, and recovering from DDoS attacks4

Conclusion 

By implementing these strategies, organizations can significantly reduce the risk and impact of DDoS attacks. If you have any specific questions or need further details, feel free to ask! 

1: Kinsta 2: Byos 4: CISA 3: Radware 

Subscribe to get the latest blog post.