The Central Bank asks for authority to pre-block malicious sites
Recently it became known that the Central Bank plans to get the right to block sites used by financial scammers without a court. This idea is already out of the concept stage, ie discussed at a meeting with Deputy Prime Minister Maxim Akimov, write "Vedomosti". In order to realize the requested opportunity, the specialists of the Central Bank have developed a draft amendment to the Law “On Information” , which gives representatives of the Central Bank such powers.
Interestingly, it is planned to block the site regardless of the zone in which the site is located. Currently, the bill is undergoing interdepartmental coordination. The Central Bank is the seventh state body that will receive the right to add sites to the register of prohibited information.
According to representatives of the Central Bank, the organization plans to block four types of sites:
- the first type is typskvottingovye sites, that is, resources located on domains, the writing of which is similar to the addresses of "white" resources like banks and credit organizations;
- the second type - resources that represent the interests of financial organizations that offer services to clients without appropriate licensing;
- the third - sites that provide access to the resources of financial and credit institutions.
- Fourth - sites that distribute unreliable information about the status of financial organizations.
It should be noted that Akimov himself did not support the idea, he considers the blocking criteria proposed by the Central Bank to be too broad.
The fact is that now the Central Bank has the authority to block phishing sites and sites with malware-software, but only if the resources are located in Russian domain zones .ru and .rf. The Central Bank received these powers as a “competent organization”, the status proposed by the Coordination Center of the national domain of the Internet. Currently, there are nine “competent organizations”. They can block separating domains from sites that are considered malicious for one reason or another.
According to the report of FinCERT (the Central Bank structure responsible for cybersecurity), from January to September 2017, the regulator reported about 481 fraudulent domains, of which 367 are delimited. But now the question is not about razdelegirovaniya, and about making the site in the register of Roskomnadzor, after which telecom operators block access to it for users from Russia.
The idea to block the sites of the Central Bank proposed because over the past few years, the organization has noted an increase in the number of resources that are used for fraud in the financial market. This, for example, phishing, distribution of malicious software for unauthorized access to information systems of financial organizations, the provision of financial services in the Russian Federation by persons without a license. The number of citizens who complain about such sites, according to representatives of the Central Bank, is constantly growing.
Organization Group-IB, specializing in information security, last year recorded about half a million phishing pages in foreign domain zones. Phishing activity in Russian domain zones is decreasing, but growing in foreign ones. Every year, approximately 90 clients of different banks become victims of this kind of financial fraud, which is three times more than the number of victims of virus software.
It is worth noting that VTB supports the initiative of the Central Bank, representatives of the banking organization consider it an effective method of combating fraudsters, as well as the spread of malicious software. Elman Mehdiyev, executive vice president of the Association of Russian Banks, believes that extrajudicial blocking of phishing sites on foreign domains and sites that provide financial services without any license can well protect consumers' rights.
Artem Kozlyuk, head of the Roscomsvoboda public organization, does not agree with this opinion. He argues that in the case of blocking a resource, violators use other addresses and sites, but “white” sites that were punished by mistake have a hard time. There are more and more such sites that were blocked by the court or before the trial, so the list of authorities authorized to block should not be expanded, Kozlyuk says. The problem also lies in the fact that the site blocked without a trial is not able to challenge the actions of the regulator online.
A warning at the request of the site administration: “When commenting on this material, please follow the rules. Please refrain from insults and toxic behavior. Post-moderation works in comments. ”