Sberbank’s ATM failure: DDoS attack or problems in processing centre?
The country’s biggest bank has gone through a big break in the work of the ATM network and online services in a year
On 31 July morning, clients could not perform transactions with banking cards and use Sberbank Online system. Similar problems arose in different regions of the country, though the financial organisation told about scheduled breaks in their systems one day before. Experts think the source of problems should be looked for in the bank's processing centre or DDoS attacks. Nevertheless, the biggest bank of the country has not failed for the first time. Realnoe Vremya tells the details.
From Moscow to Sakhalin
In Kazan, Sberbank clients noticed difficulties in the work of ATMs at the weekend. It was impossible to withdraw money in the biggest chain of cash dispensers in the first half of the day. Neither Sberbank Online worked. However, the bank warned its clients about the break beforehand having said it would not be possible to pay online at the weekend due to technical works. On Sunday, Realnoe Vremya's reporter was confirmed in the bank's call centre that the shutdown of ATMs was scheduled and was linked to the same services. Sberbank already worked in the evening.
However, on 31 July morning, the scale of the problem became larger. Users throughout the country complained that they could not pay in Sberbank ATMs. Sberbank Online did not work as well. Such cases were noted in different regions of the country – in Moscow, Sverdlovsk and Chelyabinsk Oblasts. According to Khabara.ru, in Khabarovsk, many people could not get money in ATMs and pay via terminals. At the same time, Sberbank cash dispensers accepted cards of other banks. Sakhalin and Kuril newspaper said that only some services of the ATMs were not available: they could not withdraw cash and pay.
Messages about difficulties with Sberbank's ATMs also came from Bashkiria, Tver, Irkutsk, Amur, Novosibirsk, Kemerov, Tom Oblasts, Altai, Krasnoyarsk Krais.
Sberbank's press service unwillingly admitted there was a failure: ''Today in the morning some of Sberbank clients could have temporary difficulties while using banking cards. Now services are performed in the normal course. We apologise for the inconveniences.'' The press service did not specify Realnoe Vremya's reporter the causes of the failure.
''Problems in the work of Sberbank Online could be caused by hacking attacks''
Realnoe Vremya reached out to experts and asked them to explain what could cause the problems of the biggest bank of Russia. However, several companies supplying ATMs and terminals did not want to explain the problems of Sberbank at once. Experts were ready to comment on the situation remaining anonymous. As a representative of the company dealing with banking software and equipment told, the problems in the work of Sberbank Online could be caused by hacking attacks. Earlier it was told the Central Bank detected hacking DDoS attacks on several big banks and gave this information to the police. Sberbank coped with a series of powerful DDoS attacks in November last year that came from tens of countries.
In addition, ''Sberbank's problems can be linked with software in the processing centre located in Moscow,'' one of the biggest banking equipment suppliers thinks. Even while implementing new functions and maintenance service, the bank could have used the reserve space and copied the functions. But as the expert notes, it was not done for some reason.
Sberbank fails
This year large-scale failure in the work of the system of ATMs and online banking at Sberbank happen too frequently. The latest biggest failure in the world payment terminals was on 9 June 2017. Then payments were not received not only through Sberbank terminals but also VTB. The failure also affected different regions of Russia from Moscow to Primorie. Both Sberbank's POS terminals and personal accounts on the bank's page and its cash dispensers. All the transactions with the participation of the bank were cancelled. As a result of the technical failure, clients could not purchase online, transfer money and withdraw cash in POS terminals and self-service devices on MasterСard and Mir for 40 minutes.
However, the financial institutions assured the problems affect less than 10% of card transactions. The failure was explained by the sensitivity of systems of the Federal Service for Supervision of Communications, Information Technology, and Mass Media that allowed to add servers of the bank to the list of banned sites. Mass bans of unforbidden sites on the Internet in Russia started on the first days of June 2017. There were problems with access to servers of Telegram, services of Facebook, Instagram, CNews, mc.yandex.ru (Yandex metrics), code.jquery.com (JavaScript cloud library), servers of Wargaming (creator of Word of Tanks), etc.
ATMs and online services of Sberbank also failed in spring: users massively complained about problems in the work of the biggest financial institution of the country. People could not make transactions via terminals, pay with a card for services and withdraw cash. In April, the bank explained the failure in the work of ATMs by implementing new functions. On 10 November 2016, the failure brought to delays in servicing clients' requests.
Later the bank explained Sberbank Online was severely attacked by DDoS many times one day before, which lasted for several hours. But the bank security system managed to neutralise the DDoS attacks, so they did not do harm.