News

Phishing: The biggest problem in 2020

On February 9, Cyber Security Day 2021 took place in Moscow as part of International Safer Internet Day. This is an international forum on digital security and the central event of Safe Runet Week. The forum was organized by ROCIT and the Russian Association for Electronic Communications with the support from the Russian Popular Front and Kaspersky Lab. The Coordination Center for TLD .RU/.РФ is an official forum partner, and director of the Coordination Center Andrey Vorobyev delivered a speech at the opening ceremony.

Andrey Vorobyev talked about trends in cybersecurity and internet regulation at the international, regional and national levels. He noted that internet governance primarily meant the joint development of basic principles, forms and approaches to network regulation, via a multi-stakeholder model. He stressed that this model was used in Russia to manage the Russian domain zones .RU and .РФ.

“Today it is impossible to work in the internet without complying with international rules that would be legally binding, but no such standards have been developed yet,” Andrey Vorobyev noted. He talked about Russia’s work in this area, in particular, the draft law on phishing being reviewed by the Russian State Duma.

“Phishing was the main problem in 2020; our ccTLDs have a successful self-regulation system that allows pre-trial blocking of phishing websites. Competent organizations send requests to registrars. In 2020, more than 10,000 requests were received, and in most cases measures were promptly taken,” he said.

Coordination Center project manager Olga Baskakova elaborated on the self-regulation system and the center’s other cybersecurity projects at Digital World’s Anatomy in 2020 session. Her speech was dedicated to how the Russian domain space survived 2020 and how the Coordination Center’s anti-abuse projects, Netoscope and Domain Patrol, developed in 2020. New coronavirus-domains – domains containing words such as “corona,” “covid,” “pandemic,” “pandemia,” “ковид,” and “vaccine” – was one of the main domain space development trends in 2020. Of course, the number of new domains in this category peaked in March and April: 1,500-2,000 registrations; interest clearly declined in May, leveling out in June and remains the same today. Summing up 2020 results, experts noted almost 5,000 domains in .RU and almost 1,000 in .РФ.

According to the most relevant data for the last month, almost a third of 128 registrations in .RU were in one way or another related to vaccination, and more than half contained the direct name of the virus.

Olga Baskakova presented the Coordination Center’s cybersecurity projects: “Since its establishment, the Coordination Center has been working on ways to combat illegal resources. The CC uses the Netoscope information and analytical platform and the institute of cooperation with competent organizations. In 2020, this institute was named Domain Patrol. Today the Coordination Center cooperates with ten competent organizations with extensive experience in identifying malware and that have the right to send requests to registrars to cancel domain names delegation.”

Olga Baskakova also noted the sharp growth in the number of phishing websites in 2020.

“If we compare the number of competent organizations’ requests to cancel domains with the last year, we can see that in early 2020 the situation was pretty calm, but by the early summer the number of requests had increased significantly. In January 2021, we held a closed meeting with representatives of competent organizations and Netoscope where phishing-related trends were discussed. The number of such websites is growing steadily not only in.RU and .РФ, but also in other domain zones. The last year, with its turmoil, has become a breeding ground for all kinds of criminals who have intensified their efforts and multiplied in the murky waters of the pandemic. A lot of new schemes and algorithms have appeared. But I believe we have new solutions to ensure the security of the Russian domain space. Cybersecurity experts, registrars, registries, law enforcement agencies, legislators and end users are strong together!” Olga Baskakova concluded.

Previous News Next news