On October 29, the second Sociotechnical and Cultural Aspects of Information Security Russian Scientific and Practical Conference was held. It was organized by Pyatigorsk State University and held both online and offline: some guests took part in discussions remotely, via videoconference.
Taking part in the conference were representatives of educational organizations, state and municipal authorities, and ICT organizations and enterprises. They discussed topical issues of personal information security in the digital space, establishment of a digital culture, problems with confidentiality of personal and corporate information, use of Russian high-tech complexes in education, ways to counter destructive events in the ICT environment, and legal and organizational aspects related to the protection of critical information infrastructure elements.
Invited to take part were experts of the Coordination Center for TLD .RU/.РФ. Last October the Coordination Center and Pyatigorsk State University signed an Agreement on Long-Term Cooperation, which in particular envisages holding joint scientific events on the safe use of information technologies in the field of education.
Tatyana Novikova, Coordination Center Project Manager, talked about the monitoring of phishing domains in the context of the coronavirus the center held in order to decrease the possible damage from criminal activities where such domains were used maliciously.
“The monitoring of the list of .RU and .РФ domains began in March 2020, but the data have been analyzed since January. We try to adjust the list of key words for the monitoring (“masks”) by adding new ones following the news and official statements. For example, the list included “pass” in April, “payment” in May and “vaccine” in August. The number of coronavirus-related domain registrations peaked in March and April, when 1,936 and 1,476 coronavirus-related domains were registered, accordingly. The interest in such domains sharply declined in May and remains at about 120-180 registrations per months.”
Tatyana Novikova noted that not all the domains containing the key words were malicious: Russia’s official website on COVID-19 located at стопкоронавирус.рф was a good example. This is why from the first days of the monitoring the Coordination Center has cooperated with competent organizations, such as the Kaspersky Lab, that check suspicious domains for possible “threat of data loss.” As of today, about 35 percent of .RU and .РФ coronavirus-related domains are flagged as phishing.
The Domain Patrol website was created to inform internet users about cooperation with competent organizations, in addition to the cooperation system for official experts and registrars, through which 15,000 requests have been sent so far.
It is noteworthy that about 80 percent of European lists also monitor COVID-19-related domain registrations.
“At the same time, the pandemic didn’t have a significant impact on ccTLD registration systems: the share of coronavirus-related registrations accounted for less than one percent of the total,” said Tatyana Novikova citing research of CENTR, the association of European country code top-level domain name registries.