Financial cybersecurity: Bank of Russia report

The main challenge of information security is social engineering, notes the Bank of Russia’s report about the operations of the Financial Sector Computer Emergency Response Team (FinCERT) from September 2018 through August 2019 inclusive.

The Bank of Russia focused on countering this illegal activity by blocking resources used by fraudsters to steal money, among other things.

Over the year, FinCERT reported information about 4,936 phone numbers used in fraudulent mass text messaging, calls, malware infections, etc. to authorised agencies to have these phone numbers blocked.

Since last September, FinCERT initiated the shut-down of 9,778 phishing domains (approx. 2/3 of such domains were registered abroad). The minimum time needed to shut down such domains has reduced from 24 to 3 hours. Such domains are shut down 24/7/365.

In 2019, the Bank of Russia requested that financial market participants track and register signs of unauthorised operations. These signs are used in countering unauthorised write-offs of funds.

The Report also notes that in the past six months (1 January—20 June 2019) 12,903 offers to buy or sell various databases were detected. That said, only 12% of these offers concerned databases of financial and credit institutions.

Currently, exchanging information with FinCERT are 826 organisations, including all banks operating in Russia. Since October 2018, they have filed more than 300,000 incident alerts.