On July 30, the Coordination Center for TLD .RU/.РФ and the National Computer Incident Coordination Center (NCICC) signed an agreement under which the NCICC became a competent organization with the Coordination Center and a member of the Netoscope project. The NCICC will counter the use of ccTLDs for attacks on Russian information resources.
The Coordination Center’s competent organizations gather and analyze information about websites used for spreading malware, phishing and managing bot networks, among other criminal activities. In the event a competent organization discovers such a website or receives a report from a final user, it asks the registry accredited in .RU/.РФ to cancel the domain’s delegation, which puts an end to the domain abuse.
Netoscope is an informational and analytical website and platform that aggregates data about malicious websites in the .RU, .РФ and .SU gTLDs. It publishes the latest data on cyber threats, and its database helps exchange information on domain abuse, which makes it possible to identify and predict related threats.
Coordination Center Director Andrey Vorobyev said: “The NCICC will identify phishing websites and sources of malware, and monitor the activities of bot networks and other computer attacks involving Russian ccTLDs. The NCICC’s many years of expertise and professionalism will enhance the work of the competent organizations and help make the Russian domain space safer.”
The Coordination Center for TLD .RU/.РФ has worked with competent organizations since 2012. As of today, there are 10 companies, public organizations and government agencies on the list: the Safe Internet League, Group-IB, Kaspersky Lab, Bank of Russia, RU-CERT, the Regional Public Internet Technology Center, the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor), BI.ZONE, Doctor Web and the National Computer Incident Coordination Center. Over 10 companies participate in the Netoscope project: BIZon, Group-IB, Kaspersky Lab, Mail.ru, Roskomnadzor, Rostelecom, RU-CERT, SURFnet, SkyDNS, iThreat Cyber Group Inc., the Technical Center of Internet, Yandex and others.
