The second day of the TLDCON 2024 business program was opened by the Cybersecurity and DNS Abuse section, moderated by Mikhail Anisimov (ICANN). Participants discussed various approaches to analyzing cyber risks, talked about which indicators are considered and how they change over time as threats evolve.
Siôn Lloyd (ICANN) shared his experience of using blocklists to assess the reputation of domains and identify their malicious use. He emphasized the importance of collecting data from multiple sources - this allows not only to detect hidden threats, such as phishing, but also to predict future use of domains for criminal purposes, and also increases the reliability of data through cross-checking.
Anton Trostyanko (hoster.by) covered the situation with cyber incidents in Belarus. According to the expert, the number of incidents continues to grow: if 297 incidents were recorded in 2023, then since the beginning of 2024 there have already been 349. Among the most popular attack methods: compromise of credentials (64%), use of malware (55%), DDOS attacks (31%) and exploitation of vulnerabilities (28%).
Ruslan Turguldinov (Cyber Attack Analysis and Investigation Center) spoke about monitoring and protecting websites in the national zone of Kazakhstan .KZ, and Alexander Ulyanov (Smart Business Technologies d.o.o.) presented anti-phishing technologies in Yandex Browser.
Sergey Golovanov (Kaspersky Lab) described the cyber threat landscape and presented the company's approaches to tracking and blocking malicious resources. According to the company, in 2023, the number of blocked phishing links in the .RU zone increased 5 times. In terms of the number of antivirus system activations last year, Belarus took 3rd place (22% of activations), and Russia took 20th place (18%).
The final section of the conference was "Applied Cybersecurity" - a section dedicated to digital security in the banking sector. Participants discussed current trends in cybersecurity, the specifics of interaction between competent organizations, banks and registrars. The section was moderated by Olga Baskakova (Coordination Center for TLD .RU/.РФ).
Bank representatives - Dmitry Bondar (Alfa-Bank Belarus) and Alexander Dudenko (Bank of Russia) - told conference participants about the challenges that banking experts in the field of cybersecurity most often face. "Phishing is not a myth, but our reality," Dmitry Bondar said, talking about counteraction methods and the procedure for interacting with regulators to combat phishing. And Alexander Dudenko covered the current types of cyber fraud and attacks on clients of the financial sector.
Then representatives of competent organizations had a talk. Dmitry Kiryushkin (BI.ZONE) presented the results of the company's work in the fight against phishing in the financial sector. According to BI.ZONE, 90% of banks have phishing clones, and in 2023 alone, the company blocked 210,000 phishing pages. In addition, about 1 billion lines of leaked data were detected last year, which means that for every 100 corporate accounts, there are 10 compromised pairs of credentials.
Stanislav Goncharov (F.A.C.C.T.) cited company data, according to which in the first half of 2024, the number of phishing links in the financial sector increased by 26% compared to the same period in 2023, and by an impressive 291% compared to the second half of 2023. At the same time, 73% of phishing domains in the .RU and .РФ zones were consonant with brand names, and in the first half of the year, F.A.C.C.T. analysts sent 33% more requests to the Coordination Center to block phishing resources aimed at the financial sector.
The registrar block was presented by Marina Brik (Runity), who cited statistics on requests to registrar abuse services: since the beginning of 2024, more than 118.500 requests have been received, which is 26% less than for the same period in 2023. Of these, 40% concerned phishing, 21% - fraud, 18% - spam, and 12% - fraud.
At the end of the section, Petr Zaretsky (Investigative Committee of the Republic of Belarus) spoke about approaches to countering fraudsters and repelling cyber threats in Belarus.
During the closing ceremony, the partners expressed their gratitude to the organizing and program committees for the excellent organization, fascinating presentations and lively discussions. Summing up the conference, the Director of the Coordination Center Andrey Vorobyev noted that the TLDCON continues to develop dynamically, and thanks to the participation of leading experts, it has become interesting for a wide audience.
The next, 18th International Conference of Administrators and Registrars of National Top-Level Domains of the CIS, Central and Eastern Europe TLDCON 2025 will be held in autumn 2025 in Kaliningrad!