On October 7-8, Moscow hosted the Cybertech-2024 State Cybersecurity Forum, organized by the Ministry of Digital Development. The forum took place ahead of the launch of the Data Economy national project.
The discussion at the forum focused on key objectives in the field of information security. Maksut Shadayev, Russia’s Minister for Digital Development, Communications and Mass Media, pointed out in his remarks that human error is behind most cyber incidents, with one-third of such errors caused by an “irresponsible and careless attitude.”
According to the minister, even though the domestic security industry is making active progress and offering a variety of cybersecurity tools, this still cannot entirely rule out incidents caused by the simplest things that depend solely on the individuals who use these tools. Maksut Shadayev also noted an unprecedented increase in cyberattacks on the Russian IT infrastructure. Although import substitution of foreign information security systems is progressing rapidly, using them correctly remains an issue:
“Today, Russian software companies can develop the most complex information security systems, such as next-generation firewalls. Several vendors have already presented such products. At the same time, I believe that most issues today have to do with the skills and psychology of the specialists who actually use these products at companies.”
Several experts from the Coordination Center for TLD .RU/.РФ took part in the forum. During the panel discussion on Online Threats: Phishing, Director of the Coordination Center Andrey Vorobyev spoke about the security measures taken to protect users of the .RU and .РФ national domains. He spoke at length about the work carried out by competent organizations and registrars as part of the Domain Patrol project, noting that the number of complaints about the misuse of domain names has increased four-fold over the past two years. This clearly warrants steps to enhance security measures and efforts to protect users.
Andrey Vorobyev also presented AI capabilities for proactive detection of malicious registrations, identifying phishing websites and analysis of security threats to the DNS infrastructure.
Vadim Mikhailov, infrastructure consultant for the Coordination Center, shared the experience of the registry’s cooperation with leading universities. In particular, the Coordination Center participated in retraining programs at MAI University on Applied Problems and Frameworks of Machine Learning and Big Data Analysis, and Intelligent Technical Systems.
“Ensuring cybersecurity at all levels is the number one priority for the entire tech community today, and the Coordination Center is vigorously contributing to this important cause. For more than ten years, our projects Domain Patrol and Netoscope have been providing platforms for interaction between information security companies, domain name registrars and users. Malicious attack scenarios and fraudulent schemes are becoming more diverse, but we are doing our best to keep up to speed. We collaborate with our partners to develop new methods to address such threats, including proactive strategies. In addition, the domain name registration system is a very sensitive information system in itself and requires proper protection using top-notch AI-enabled tools. We are working towards this as well,” Andrey Vorobyev emphasized.