The Country Code Names Supporting Organisation (ccNSO), a body within the ICANN structure focused on supporting and promoting national domains, held a two-day session as part of ICANN’s 49th Public Meeting in Singapore to discuss the key issues in the development of leading national domains.
Andrei Kolesnikov, Director of Coordination Center for TLD RU, made a presentation during day two of the meeting. In his speech, he highlighted how the Netoscope project can be used to detect, analyze and curb malicious activities within .ru, .su and .рф national domains. The Netoscope project was launched by Coordination Center for TLD RU in cooperation with Technical Center of Internet, Mail.ru, Yandex, RU-CERT, Group-IB, Rostelecom and Kaspersky Lab as the first information and analytics online security platform for Russian domains.
Andrei Kolesnikov outlined the methods used by Netoscope to compile its database and spoke on the project’s performance in 2014. Since the start of the year, 21,000 new malicious or suspect domains were added to the database, and 8,700 of them were found to be actually malicious. Of this total, 5,970 domains were found to be distributing malware. It was proven that 2,124 domains were involved in email spam, and another 882 were used for phishing attacks. Andrei Kolesnikov went on to say that the number of non-existent domains registered in Netoscope’s database is increasing. Non-existent domains are those deleted from TLD registries after their administrators fail to address concerns that had led to their inclusion in Netoscope’s database. Non-existent domains currently account for 31.4% of the database’s entries, up from 21.5% in September 2013 when the project was launched. As many as 29,962 second-level domains were deleted from the registry database since the start of the year, which proves that the efforts to rid Russian domain zones of malicious activities are yielding positive results.
