An annual working meeting of the Coordination Center for TLD .RU/.PФ, Technical Center of Internet, competent organizations, and accredited registrars was held in Moscow on November 9th. The meeting's participants discussed future plans and summarized the early outcomes of their partnership in 2022.

In his welcoming speech, Director of the Coordination Center Andrey Vorobyev noted that in the process of countering offenses in the network, the speed of response is critical. “After all, the faster they stop, the less harm they manage to cause. And I would like to express special thanks to the domain registrars. You are the most important link in the chain of elimination of violations!” he added.

Evgeny Pankov, Project Manager of the Coordination Center, noted that in 2022 the number of requests to registrars increased by 25%. So, for 10 months, competent organizations sent 11,936 requests, while in 2021, 9,556 requests were sent for the same period.

At the same time, the largest number of requests came from Group-IB (5343), BI.ZONE (2858), Fincert (1598) and NCRCC (1576). 11,514 malicious resources were blocked as a result of hosting companies and registrars reviewing them, and the typical response time was 23.2 hours.

Olga Baskakova, project manager of the Center, spoke about the latest changes in the interface of the Information System for Interaction between Competent Organizations and Registrars, as well as further plans for its improvement.

Representatives of competent organizations also made presentations: Ivan Lebedev (Group-IB) spoke about the main phishing trends in the .RU and .РФ domain zones, and Dmitry Kiryushkin (BI.ZONE) spoke about why BEC attacks are a big problem.

Alexander Chernyshev (Integral) shared statistics shows that the main targets of phishing attacks in 2022 were the theft of user passwords from accounts on the social network VKontakte, as well as personal accounts of the websites of government agencies, VTB and Gazprombank.

The discussion of the work's outcomes and ways to improve the Domain Patrol's effectiveness concluded the meeting. Domain Patrol is a system of communication that is not based on legal rules or prescriptive responsibilities, as mentioned by Irina Daneliya, Deputy Director of the Coordination Center. “This project is a good illustration of how an industry may self-regulate by relying mainly on contracts and trust. And precisely the level of this trust serves as a measure for the overall work's effectiveness,” she emphasized.

Recall that the Coordination Center for TLD .RU/.PФ introduced the procedure of communication with organizations capable of recognizing infractions on the Internet in 2012. The Coordination Center and accredited domain name registrars receive information from competent organizations concerning resources with illegal content, phishing incidents, unauthorized access to information systems, and the spread of dangerous software from domain names in the .RU and .РФ zones. Domain names for these resources may no longer be assigned by registrars. Currently, the Bank of Russia, BIzone, Group-IB, Doctor Web, Kaspersky Lab, the Safe Internet League, the National Computer Incident Coordination Center, Roskomnadzor, ROCIT, RU-CERT Rostelecom Solar, and FSUE MNII Integral are among the twelve competent organizations that work with the Coordination Center.