The regulator has closed over a thousand malicious resources and targeting more
Photo: lime/Alex Maishev
The Bank of Russia has received a fundamentally new weapon in the fight against malicious sites and will now be able to block them for one day. Due to the special status of the relevant organization he now has the right to identify sites-infringers that distribute malware, the resources with illegal content and phishing sites. If the ended year, the Central Bank has eliminated about 1.5 thousand of such pages, with new features he will be able to significantly increase this number and to radically change the security situation in the Runet.
The virtual thieves the Bank will provide to the coordinating center (CC) national domain of a network that will allow you to quickly block suspicious sites. In fact, the regulator will close the doubtful resources almost on their own, explained “news” in a press-service of the Central Bank, noting that the procedure will be laid in one day. The agreement was signed at the end of last year. The agreement is for a period of three years, specified in the text (“News”).
Last year, in cooperation with Centre for monitoring and responding to computer attacks in the financial sphere (Finart) of the Bank of Russia was blocked 1588 phishing sites that threaten financial and information security of the citizens and the national payment system, have informed “news” the Bank of Russia. The greatest number of closures of the sites had the IV quarter. Only in December was neutralized about 600 malicious resources, in November — 400, said the Central Bank.
These indicators can be considered very modest in comparison to the total number of potentially hazardous sites through which fraudsters are stealing data on Bank accounts of citizens. According to KC, in Russia was more than 6.4 million domain names .EN .of the Russian Federation. Of these, the danger is page about 370 thousand resources in the network, and this number is constantly growing, have informed “news” in the “Yandex.The browser”.
Every month we identify an average of 3-4 thousand new phishing pages, adding to their lists several times a day. But even in the hour of his existence, one fraudulent page may harm users, — told “Izvestia” the representative of the company.
— At each moment of time can be hundreds of thousands of malicious sites. It’s like a phishing page, vymenivali passwords and card numbers under the guise of banking sites and other popular portals as sites that distribute badware, — said the head of the Department in responding to threats to information security Positive Technologies company Elmar Nabiev.
Usually scammers use the trust of the people, giving a malicious lookalike sites for the real Internet Bank. So cyberware unable to access to the passwords that protect personal information. Potential victims of unscrupulous individuals can become more than 5 million people, and that’s just domestic users of the browser “Yandex” (according to the company).
The General Director of KC Andrei Vorobyov added that phishing is a serious problem in the Russian domain zone.
— Earlier, the Central Bank sent the complaint to other competent organizations, but this is not logical, because he is a Bank regulator. Now the controller will accelerate, as they had an opportunity to send letters to the registrars with a request to block domain, said Andrei Vorobyov.
Source of information about fraudulent websites are the citizens ‘ appeals to the Bank of Russia, data from the supervised credit institutions, private monitoring Fincert and information of law enforcement bodies, said Deputy head of the main Directorate of security and information protection of the Central Bank Artem Sychev. According to him, the information obtained is analyzed, the results of the analysis the decision about going to KC for blocking of the website.
Receipt by the Bank of new possibilities will be an important step in the fight against cyberswindlers. However, a significant part of dangerous resources is not affected, experts fear.
Usually such sites are hosted outside the zone .EN and CC can not affect. In addition, a significant part of them are compromised sites. This is a legal resources that have been hacked — said Elmar Nabiev from Positive Technologies.
He believes that in such cases, to block the domain entirely is not quite right. More effective, according to experts, it would be the interaction with the website owner and the joint elimination of phishing pages and vulnerabilities with which the site was compromised.