Yandex fighting the massive DDoS attack: services and data not impacted

The biggest attack in Russian internet history carried out by a botnet

Botnets distributed the attack that already stopped the company for a week. Data reportedly not affected

Russian media reports stated and U.S. researchers confirmed that the DDoS attack targeting Yandex is the largest today.^[1] Russian internet giant Yandex is a multinational corporation providing over 70 Internet-related products and services, including transportation, search and information services, e-commerce, navigation, mobile applications, and online advertising. The company has been targeted by a massive denial-of-service (DDoS) attack that apparently started last week and still actively happening this week.

Reports describing the cyber assault and stating that this attack is the biggest in the Russian internet, the RuNet, history. It seems that the Yandex company itself confirmed the attack. With the distributed denial-of-service (DDoS) attack, hackers attempted to flood a network with unusually high volumes of data traffic in order to paralyze it completely. The attack was using a new botnet that has the power of the network equipment from the vendor based in the Baltic region.

The attack was reported by Vedomosti and U.S. cybersecurity firm Cloudflare, which is widely used by businesses and other organizations to help defend against DDoS attacks. Despite the confirmed scale of the attack, Yandex officials shared the recent attack did not impact the work of services. User data was not affected as the threat was repelled by the companies network infrastructure and the system for filtering unwanted requests.^[2]

Attack first hit servers during the weekend and carried into this week

The attack on Yandex started during the weekend and firstly impacted the company’s servers, but the attack is still going as time passes. It looks like more details could be hidden due to an ongoing internal audit, but it is noted that the incident represents a threat to infrastructure on a national scale. Typically, DDoS attacks are carried out by botnets, large collections of compromised internet-connected devices receiving commands from an administrator.

In the most recent times, most of the cyberattacks are based on Botnet and cause most serious security issues to the Internet. Botnets continue to evolve so does the continuous and challenging issue. The term botnet is a common word describing a computing platform that attackers can control remotely by invading several noncooperative user terminals in the network space.^[3]

Botnet attacks not only cause network equipment paralysis or problems but could also seriously affect the country at the political and economic level, involving military aspects as well. Many newspapers and magazines have covered Botnet attacks; nowadays, hackers seem to focus more on major, global and multinational companies, like in this case, with Yandex. That's why net security should be the foundation of each computer field and the development of any area of business.

DDoS tries to stop businesses around the world

It's not just Russian Yandex that is facing major security difficulties. On September 8th, New Zealand's cybersecurity agency Cert NZ shared via Twitter that a number of country organizations were being targeted by a distributed denial of service (DDoS) attack. Among the affected companies were ANZ New Zealand's internet banking app and website, Kiwibank, MetService, New Zealand Post, and Inland Revenue websites.^[4]

Cert NZ later stated that the situation was stable, things were monitored, and all affected parties worked together to fix the problem. Most sites were back online soon enough, but the investigation is still undergoing.^[5] Similar attack happened last year when New Zealand Stock Exchange (NZX) was forced offline for almost an entire week due to a DDoS attack.