Increased Cyber Threats: Russia Experiences Escalated Cloud and Hybrid Service Attacks in the First Half of 2025, Surpassing Incidents from 2023-2024

In 2025, Russia has seen a significant increase in cyberattacks on cloud and hybrid infrastructures. Anton Vedernikov, head of product security at Selectel, notes that complex targeted attacks using zero-day vulnerabilities are relatively rare because of the resources and skills they require.

However, a notable trend emerging in the first half of 2025 is the increase in financially motivated attacks, such as data encryption for ransom or resale. According to data from Cloud.ru's press service, 61% of these attacks were aimed at Russian cloud and hybrid infrastructures.

The total number of such attacks in the first seven months of 2025 was approximately 105 million, a significant jump from the 84 million recorded in 2024 and the 29 million in 2023. E-commerce and retail sectors account for 22% of these attacks, making them a prime target for cybercriminals.

Cybercriminals are increasingly interested in privileged accounts with broad rights, which give quick access and a path to privilege escalation. In more than half of the cases, cyberattacks on cloud and hybrid infrastructures in Russia began with techniques involving the use of stolen usernames and passwords.

Cross-site scripting (XSS) attacks account for 40% of the total cyberattacks, followed by phishing (25%), DDoS and malicious apps (approximately 15% each), and malware (10%).

Attacks that exploit the human factor, including phishing, social engineering, and password brute forcing, may be more attractive to cybercriminals because of their ease and cost-effectiveness. Philipp Krupalin shares this view, noting that these methods may be easier and cheaper for cybercriminals to use.

Government organizations in Germany, Austria, and Switzerland have also been frequent targets of cyberattacks. Notably, the pro-Russian hacktivist group NoName057 conducted numerous politically motivated DDoS attacks, causing temporary outages and disruptions, especially targeting Swiss government websites following significant political events.

Despite these threats, the modern cloud infrastructure of major providers is well protected, making direct technical attacks more difficult and expensive for attackers. This suggests that while the volume of cyberattacks is high, the focus should be on strengthening the human aspect of cybersecurity to counter these threats effectively.
