MOSCOW, June 24 The website of the Moscow Exchange was attacked on Monday by hackers from the group “IT Army of Ukraine”, they used the tactics of “carpet bombing” “The National Payment Card System (NSCP, the system’s operational and payment clearing center) and the three largest Russian banks were attacked in the same way, a source in the cybersecurity market said.
The Moscow Exchange website was down for more than 20 minutes on Monday from the start of trading at 10:00 Moscow time. At the same time, trading took place as usual — without interruptions. 
“The attack began at 9.55 from the “IT Army of Ukraine”. It followed the principle of carpet bombing. At the beginning of the year, the cyber group carried out attacks on small players in the Russian market. On June 19, attacks took place on the three largest banks in Russia — Gazprombank, Alfa Bank and VTB. Then they attacked the NPSK, and now they attacked the Moscow Exchange. They used the same cyber attack tactics,” the source said.
He clarified that it is difficult for companies to protect themselves from “carpet attacks” because they are aimed at all the company’s services at once.
As Daniil Shcherbakov, deputy general director of the cybersecurity company Servicepipe, commented to the agency, “carpet attacks” on the Russian financial sector were noticed back in January 2024.
«Such attacks are more difficult to counter, as they overload the edge network equipment, which leads to its reboot and loss of network connectivity to the Internet. With a standard DDoS attack aimed at a specific resource/IP address or group of IP addresses , the blackhole method could be applied to the parasitic traffic arriving at them (that is, sending all traffic along a non-existent route). In case of “carpet attacks”, this method cannot be applied, since the attack is aimed at all IP addresses at once and sending traffic to «). «black hole» will lead to the same inaccessibility of the resource,» Shcherbakov explained.