| Customers: Ministry of Digital Development, Communications and Mass Communications of the Russian Federation (Ministry of Digital Affairs)
Contractors: Vehicle Integration (Banza) Project date: 2021/10
Project's budget: 68 000 000 руб.
|
Content |
2021
The Ministry of Digital Affairs has begun hunting for identity thieves
As it became known on December 12, 2021, the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation signed a contract with TC Integration for the provision of services to provide information on personal data leaks. We are talking about the amount of 24.3 million rubles, although the documentation for the tender included the maximum contract value of 68 million rubles.
According to Izvestia, employees of the contractor will collect information about the appearance of personal data on the black market, tracking "cybercrime forums with both open and limited access," Telegram channels and hacker resources, as well as applications for data exchange between software developers. At the same time, media reporting on data theft will be monitored. In general, monitoring will cover about 300 resources, including those located on the Tor network.
It is assumed that the contractor will send the Ministry of Digital Affairs weekly reports on all leaks, and on critical ones on a daily basis, as well as conduct statistical analysis of the black market. The ministry will be able to transfer information about the identified leaks to authorities, telecom operators and state-owned companies, which may be a potential source of information about citizens, follows from the technical assignment.
As explained in the Ministry of Digital Affairs, the monitoring system will allow timely start of investigations and respond to data leaks, compromising InformSystems owned by state bodies and telecom operators and other structures.
Igor Bederov, head of the information and analytical research department at T. Hunter, in a conversation with Izvestia, expressed the opinion that the appearance of a monitoring system for data leaks was a positive step.
 | Theft of personal data for Russia has become a huge problem - it is associated with the negligence of employees of companies and government agencies from where information flows, with a shortage of information security specialists, as well as means to control the turnover of such data of domestic development, the expert noted.[1] |  |
Tender for Information on Personal Data Leaks
November 11, 2021 Mintsifra announced a tender called "Provision of services to provide information on leaks personal data the network." Internet For 68 million rubles , the department is looking for a savvy and professional contractor to search for leaks of personal data the Russian users on the Internet and. Darknet
The technical assignment refers to the search for leaks of personal data in open sources, in the darknet and in the comments of users of news sites. The contractor will have to collect statistics on the purchase and sale of information and transmit it to the Ministry of Digital Affairs every week.
According to the source, the ministry needs information about leaks, which appears on English-language resources.
The Ministry of Digital Affairs clarified that the purpose of this project is to initiate timely measures to investigate and respond to relevant incidents (data leaks, compromising information systems owned by state bodies and telecom operators, analyzing and studying the emergence of new fraudulent schemes related to the monetization of compromised personal data). Data sources to find potential leaks that will be expanded during the project:
- cybercrime forums with both open and restricted access (including those requiring payment to register an account);
- Telegram channels and chats of cybercrime topics;
- blogs and websites of attackers who distribute malware (ransomware);
- News resources (including user comments)
- IT forums;
- Telegram channels of IT topics;
- Web-based text and source exchange applications (such as Pastebin and GitHub).
The Ministry of Digital Affairs proposes to allocate 2 levels of criticality in detected leaks: a low level with less than 100 thousand user data and a high level - from 100 thousand users. Moreover, if in the event of detection of a leak, it is immediately impossible to determine the number of injured users, then the level of criticality is determined by the expert opinion of the performer's specialists, and the Ministry of Figures takes actions on their report to block information posted on the Internet and localize the leak.
As part of the provision of information on personal data leaks, the following tasks should be solved:
- compiling a list of keywords to be monitored and keeping it up to date;
- Monitoring of announcements and messages indicating that PDN has been leaked;
- analysis of found announcements and messages in order to assign a level of criticality;
- Sending daily and weekly notifications of new PDN leaks;
- preparation of expert notes on particularly critical PDN leaks;
- the preparation and sending of reports on personal data leaks on the Internet at the stages of the[2].
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |