Strengthening Technological Independence: Yandex’s AI Repels DDoS Attacks
Yandex reports a sharp escalation in DDoS activity, with artificial intelligence now blocking more than 99.9 percent of attacks automatically — a sign of both rising digital threats and the growing maturity of Russia’s defensive technologies.
AI Shields Critical Infrastructure
Alexander Kaleda, Yandex’s Chief Information Security Officer, said the company recorded around 800 DDoS attacks since the beginning of the year, with peak months reaching up to 150 incidents. Over 99.9 percent of these attacks were stopped automatically by AI‑driven systems, including the company’s AntiRobot service. According to Yandex, the advantage of this approach is that AI detects “non‑standard combinations of technical and behavioral attack traits,” while traditional rule‑based systems quickly become outdated.
Once an attack is neutralized, the system automatically analyzes it: about 75 percent of cases undergo automated classification and are immediately added to the training dataset. Yandex says that sustainable protection requires AI‑based detection, automation, and continuous retraining — all critical for keeping up with today’s attack velocity.
For Russia’s IT sector and government, this demonstrates that large digital platforms are under sustained pressure, driving demand for automated cybersecurity solutions. Protecting national digital infrastructure becomes a strategic priority: large‑scale attacks on key services can threaten economic stability, business continuity, and public trust.
The success of such AI‑based defense systems makes them potentially valuable beyond Russia. More stable services, fewer outages, and reduced data‑leak risks benefit users, while the country strengthens its digital sovereignty through homegrown technologies. For the global cybersecurity market, Yandex’s system offers a real‑world case of large‑scale AI‑driven defense — a topic of growing relevance internationally.
A Component of National Security
Yandex’s AntiRobot system targets not only classic DDoS floods but also advanced threats, including botnets and application‑layer (L7) hybrid attacks. In 2023, AntiRobot operating at L7 mitigated 989 such attacks. The internal online service analyzes incoming traffic and determines whether requests originate from humans or bots. In parallel, Yandex continues developing web‑application protection, moving toward comprehensive defense solutions.
At Yandex scale, the effectiveness of AI‑powered mitigation creates export opportunities — including SaaS offerings and integrated solutions for foreign organizations and governments, particularly in cloud environments. In Russia, demand for AI‑enhanced cybersecurity is expected to grow, reducing manual response workloads and expanding machine‑learning expertise. Government agencies may support such technologies as part of national security strategy.
Risks remain: attacks grow more complex, demanding continuous AI retraining, while data‑privacy and scalability concerns require careful oversight. Media and cybersecurity professionals, the company says, should treat infrastructure defense as a critical public issue, and organizations should consider adopting similar AI‑based systems.
Rising Attack Scale and Expanding AI Adoption
In 2021, Yandex withstood one of the world’s strongest recorded DDoS attacks — a botnet known as Mēris, meaning “plague” in Latvian. The attack peaked at 21.8 million requests per second. Infected devices were located in multiple countries, including Bangladesh, Brazil, and India.
In 2023, Yandex launched Smart Web Security, an L7 protection service combining AI‑based behavioral analysis with the Yandex SmartCaptcha system. It identifies threats by analyzing user patterns and blocks sophisticated attacks that mimic human behavior at the application layer.
Yandex.Cloud now hosts full technical documentation for Smart Web Security, covering traffic filtration at layers L3–L4 and L7, infrastructure protection, and security‑rule management. As attackers evolve their methods, both the state and industry vendors are required to adapt. Demand is climbing, and machine‑learning solutions are becoming essential.
Russia’s market now features on‑premise, cloud‑based, and hybrid anti‑DDoS products, as well as CDN services with built‑in protection. The global market is expanding as well: in 2024, the DDoS‑protection sector was valued at $4.15 billion. According to Mordor Intelligence, it may exceed $8 billion by 2029.
Russian companies continue developing defensive technologies. The Yandex case is not the beginning but the latest stage in a long‑term trend of rising attack complexity and accelerating adoption of AI‑based defense.
Technological Maturity as a Marker of Leadership
Large Russian platforms face constant pressure — one provider logs up to 150 DDoS attacks monthly. AI‑driven automation is becoming a necessity, as rule‑based methods alone can no longer cope. Yandex’s demonstrated technological maturity strengthens its position both as a national leader and as a potential exporter of cybersecurity solutions.
Over the next one to two years, experts expect rapid expansion of domestic cloud and AI‑based anti‑DDoS products. New standards for critical‑infrastructure security are likely, with automated AI systems required by default. Export potential remains strong — particularly in countries where technological independence is vital.
Attack intensity will continue rising, powered by new methods and the proliferation of IoT devices. This will increase competition among cybersecurity vendors and may spur additional state support. Agencies such as Rostec and the Ministry of Digital Development are expected to strengthen their role in building the national cybersecurity ecosystem, closing regulatory gaps, and promoting certification and adoption of new solutions.
