On March 17, 2026, the 24th annual conference, Building Trust and Security in the Use of ICT, organized by the Russian Association for Networks and Services (RANS), took place in Moscow. The Coordination Center for TLD .RU/.РФ served as the event’s general partner.
The conference opened with a plenary roundtable discussion on the Association’s priority areas for 2026. Moderated by Alexander Ivanyuk, Chairman of the RANS Executive Committee, the session brought together federal government officials, representatives of industry organizations, and the expert community. When addressing the participants, Coordination Center Director Andrey Vorobyev outlined current challenges in domain space management and highlighted the evolving nature of cyber threats, including the changes in phishing activity:
“Although the number of phishing websites in Russian country-code domain zones went down by nearly one-third in 2025, the problem has not disappeared – it has simply transformed. Today, scammers increasingly target victims through messaging platforms, while threats related to malware distribution continue to grow.”
Andrey Vorobyev also moderated a roundtable discussion on coordinating the sustainable and secure operation of the country-code domain zone, organized by the Coordination Center. Participants discussed key development priorities, including strengthening infrastructure resilience, improving anti-abuse mechanisms, and enhancing cooperation with government and industry stakeholders.
The discussions focused on upcoming regulatory changes set to take effect on September 1, 2026. A major innovation will be the mandatory identification of domain administrators through the Unified Identification and Authentication System (ESIA). This requirement will apply to all domain-related transactions, including registration, renewal, and changes of ownership. Another important topic was the specifics of government organizations’ domain regulation. A dedicated framework will be introduced, including special procedures for registration and maintenance, as well as mechanisms for reserving domain names after expiration. These measures are designed to prevent domain hijacking and enhance the resilience of public-sector digital infrastructure.
Irina Haaze, CTO of hosting provider and domain registrar ElasticHosting, spoke about the practical implementation of the new requirements. She noted that integration with ESIA enables automation of identification processes, reduces operational costs for registrars, minimizes human error, and improves the overall security of domain transactions.
During the session, Alexei Rogdev, CEO of the Technical Center of Internet, presented approaches to developing a specialized domain administration regime for government entities. He emphasized the critical importance of such domains for public services, highlighting the need for enhanced stability, continuity, and centralized management mechanisms. This envisages the implementation of a separate government domain management model, which would include a special domain lifecycle, additional transaction confirmation procedures, and a centralized administration mechanism through a system of specialized registrars.
Yevgeny Morozov, Director General of MSK-IX, focused on the technological foundation of national domain stability. He noted that today’s DNS infrastructure is geographically distributed, highly resilient due to Anycast technologies, and capable of handling exponential increases in load, including attacks involving mass generation of malicious domains.
Particular emphasis was placed on the effectiveness of existing threat mitigation measures. According to the Coordination Center’s data, more than 60,000 malicious domains were blocked in 2025, with the average response time of the Domain Patrol project at approximately 15 hours, which is one of the best indicators globally. However, Andrey Vorobyev emphasized that further acceleration is essential, given that phishing campaigns can have life cycles of less than 24 hours.
Participants concluded that the introduction of mandatory identification mechanisms will significantly reduce the use of false identities in domain registration, increase market transparency, and strengthen trust in the Russian domain space among users as well as the international community.
As Andrey Vorobyev noted, domain administrators’ identification through ESIA should be seen as a tool for protecting users and improving the security of the entire industry:
“A Runet free of scammers is not a utopia, but a reality we have to build through consistent joint effort.”
