In 2024, the Bank of Russia received over 750 reports concerning cyber attacks targeting financial institutions. The majority of these attacks aimed to disable companies' information infrastructure or make their services unavailable through DDoS attacks. Additionally, fraudsters increasingly attempt to gain access to financial systems by attacking their suppliers.
The hacking methods used are becoming more sophisticated, involving multi-stage and multi-layered approaches. This sophistication sometimes allows hackers to bypass traditional security measures, making it challenging for financial institutions to detect such intrusions. Bank of Russia experts have noted repeated attacks on previously compromised systems, with hackers in some cases selling access to other fraudsters.
To help financial institutions counter these threats and improve infrastructure security, the Bank of Russia conducts regular cyber drills. In 2024, more than 290 companies participated in these exercises.
Analytical data on the main types of cyber attacks in the financial sector for 2024 is available in the Bank of Russia’s review.