Russia’s counter-intelligence service – the FSB – has issued a warning that “foreign intelligence services” are preparing a massive cyber-attack on the Russian financial system on 5th December 2016.
The FSB is describing the form of the anticipated attack as follows:
“The cyber attacks are expected to be accompanied by mass SMS and provocative publications in social networks or blogs about “a crisis in the Russian credit and financial system, bankruptcy and withdrawal of licenses of leading federal and regional banks. The campaign is directed against several dozen Russian cities.””
According to the FSB the servers and command centres for carrying out this cyber-attack are located in the Netherlands and are owned by Ukraine’s hosting company BlazingFast.
The FSB has not identified the “foreign intelligence agencies” that are supposedly preparing this attack. However the fact that a Ukrainian company is involved and that the servers and command centres are located in the Netherlands – a NATO state – obviously points in the direction of Ukraine and NATO.
This FSB warning of course comes after US threats to launch cyber-warfare against Russia in connection with the DNC and Podesta leaks.
Though this is the sum total of the information the FSB has publicly provided, it is possible to say more.
Firstly, this would not be the first large scale attempt to destabilise the Russian banking system.
German Gref, the CEO of Sberbank – Russia’s largest bank – has previously said that Sberbank was the target of a what looks like a very similar attack at the height of the rouble crisis in December 2014. According to an interview Gref gave to the Russian newspaper Vedomosti on 27th May 2015, on 18th December 2014 Sberbank suffered a massive information attack, with people receiving text messages saying it was facing problems paying out deposits:
“Unfortunately, we could not avoid the panic. You saw what happened. But I can only say this: first, the attack was coordinated, thousands of sms-messages were sent in each region, including a large number of mailings done from foreign websites. The target was to destabilise the country’s largest bank and financial situation in the country.”
The total amount withdrawn from Sberbank on 18th December 2014 apparently came to some 300 billion rubles (about $6 billion), making it the biggest bank run in Russian history.
According to Gref, Sberbank knows who was behind the attack, though he has never said who.
“I would not like to disclose the results. But we do have specific sites and IP-addresses these mailings were sent from, we even know who these addresses belong to. Not all of them are within our reach. But there is no doubt it was a well-planned provocation.”
This attack ultimately failed despite coming at a time when the Russian financial system was under extreme stress. Today Russia’s banks are stable and well-capitalised, the rouble is stable, the economy is also stable and coming out of recession, and the Central Bank has ample reserves to plug any gaps.
It is very difficult to believe that what failed in the seemingly ideal conditions of the December 2014 crisis can succeed now.
Besides the fact that the FSB claims to have detected this plot so far in advance means that the Russians have ample time to prepare for the attack if and when it comes.
In cyber and financial time a weekend is an age. Already the Central Bank and Russia’s two biggest banks Sberbank and VTB have issued statements saying they are fully prepared and able to deal with any threats.
The last point to make about this affair is that it is very interesting that the FSB has apparently been able to detect the preparations for this attack so far in advance. On the face of it this is a notable counter-espionage success. One wonders how it was done.