Cyber Incident Victim: Moscow Exchange
Date:
Mar 2022
Location:
Russia
Summary
Anonymous launched DDoS attacks against Russian government websites, including the Federal Security Service and Stock Exchange, as part of their OpRussia campaign supporting Ukraine. The coordinated strikes overwhelmed the targets' infrastructure, forcing prolonged outages that persisted for hours and disrupted access to critical financial and state services. This incident occurred amid Anonymous' broader hacktivist operations targeting Russian entities following the invasion of Ukraine, leveraging network disruptions to protest governmental actions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On March 15, 2022, at approximately 12:12 PM GMT, the Anonymous hacktivist collective executed distributed denial-of-service (DDoS) attacks against multiple high-profile Russian government and financial websites as part of their declared "OpRussia" campaign. The attacks simultaneously targeted the Federal Security Service (FSB) at fsb.gov.ru, the Russian Stock Exchange at moex.com, the Moscow International Portal at moscow.ru, the Ministry of Sport of the Russian Federation at minsport.gov.ru, and the Analytical Center for the Government at ac.gov.ru. These coordinated attacks overwhelmed the targeted websites with excessive traffic, causing immediate service disruption. All five sites became unreachable to public visitors within the attack window. Seven hours after the initial assault, all targeted domains remained completely offline according to contemporaneous reports, indicating sustained disruption to critical Russian digital infrastructure. The Russian Stock Exchange's outage represented a significant operational impact given its role in financial market operations. No technical details about attack vectors or traffic volumes were disclosed in available reporting.
This incident occurred within the broader context of Anonymous' declared support for Ukraine following Russia's military actions beginning February 24, 2022. The collective had previously targeted Russian state media outlets, streaming platforms, and surveillance systems, including a notable breach of 400 Russian surveillance cameras that were defaced with anti-Putin messages. The March 15 attacks marked an escalation by simultaneously disabling multiple government and financial domains. Anonymous explicitly linked these operations to retaliation against Russian military activities in Ukraine. The prolonged seven-hour downtime across all targets demonstrated the operational effectiveness of the attacks, though no data breaches or permanent system compromises were claimed. Russian authorities did not publicly acknowledge the incidents or detail mitigation efforts in the immediate aftermath. The attacks formed part of a sustained pattern of hacktivist activity against Russian digital assets during this period, with Anonymous affiliates concurrently targeting other infrastructure including space research institutes and electric vehicle charging stations.