Coordination Center for TLD RU/РФ hosted a meeting of firms that take part in the Netoscope project. The meeting was arranged to coincide with the third anniversary of the project. The participants discussed how Netoscope would affect the overall level of information security in the Russian Internet and what else can companies that support the project do to strengthen security.
All speakers pointed out the significant increase in the amount of information processed by the Netoscope and the interest in cooperation demonstrated by many companies. All meeting participants said that one of the main sources of malware distribution is advertising in itself and advertising applications. Another trend is unauthorized data encryption when criminals demand money from the victim for decryption.
Alexander Kalinin (Group-IB) talked about the work that Group-IB is doing for the project, about its practical results. He pointed out that .РФ zone remains practically clean, there were only 1-2 incidents in new Russian domain zones related to malware activity. Andrey Yarnih at Kaspersky Lab complained that a significant amount of information from Netoscope remains unclaimed. He believes that usage of all the information that is available for project participants and all interested parties would significantly improve the situation in relation to information security of the network. Dmitri Chistov (“Sputnik”) talked about practical application of data acquired from Netoscope and its influence on daily operations of the company.
In the end of the meeting the head of Netoscope project Pavel Khramtsov said: “We see very feasible results that the coordination of our companies brings. We already have a big number of stories how aggregated information within the project was used on practice to fight cyber threats. All of this makes the lives of our users more useful and safe, the company and the industry feel the benefits that the project brings.”
We remind that three years ago, in the end of October 2012, Coordination Center created a research platform to aggregate information about malware resources. In a year a new information analytical resource Netoscope appeared online. All fresh data about cyber threats distribution online and on the fight against malicious resources is collected there. Information to this resource comes from project’s database: it is provided by the companies that participate in the function of the platform and exchange data about malware between each other. As of today Group-IB, Coordination Center, Kaspersky Lab, Mail.ru, Sputnik (Rostelecom), RU-CERT, Technical Center of Internet, Yandex.
