gov.ru (domain)

Domains

Main article: Domains

2023: All state sites in Russia want to collect in the gov.ru zone

The public movement "Information for All," which prepares reports in the field of information culture and cybersecurity, proposed transferring all sites of the Russian federal authorities to a subdomain of gov.ru, and making the administrator of the "state" domain zone - the Federal Security Service of Russia - a single hoster. This report of the organization became known on May 16, 2023.

As Kommersant writes with reference to this document, the infrastructure on which state sites and the components necessary for their maintenance are located should be hosted on a hosting located "under the full and direct control of the state." The websites of government agencies should contain only official information, exclude its unauthorized modification and provide secure data exchange with users, the authors of the initiative believe. To do this, it is proposed to tighten the requirements for sites prescribed in existing regulatory legal acts. In particular, extend the requirement to use software from the register of domestic software to all programs, and not just visit counters.

The public movement "Information for All" proposed to transfer all sites of the Russian federal authorities to a subdomain gov.ru

By May 2023, most of the main ministries and departments already use gov.ru, except for the websites of the Kremlin, the Central Bank and law enforcement agencies. But the report of the Information for All movement on the security of authorities sites proposes to legislate that the sites of federal government agencies should be located only in this domain zone - "under the full and direct control of the state." And the authors of the report want to entrust the functions of not only the hoster, but also the technical support operator to the FSO.

According to the head of the Institute for Internet Research Karen Kazaryan, the tasks of the hoster should be assigned to Rostelecom, which acts as the operator of Gosblak. And transferring these functions to the FSO is "not very effective," because hosting requires a lot of additional competencies.^[1]

2021: Fraud using the domain of government agencies gov.ru

In July 2021, it became known about a new type of fraud with the domain of gov.ru government agencies - it is used to send phishing emails. This was reported in the administration of the RSNet network (Russian State Network, the Internet segment for the Russian authorities).

To prevent the implementation of information security threats, we recommend not opening letters from unfamiliar senders, not clicking on links from emails from legitimate RSNet network users, including from the RSNet network administration, not opening attachment files contained in such electronic messages - indicated in the letter, excerpt from which leads RIA Novosti.

A new fraud with the domain of government agencies has appeared in Russia gov.ru

According to Andrei Kovtun, head of the email threat protection group at Kaspersky Lab, fraudsters set up phishing mailings allegedly from a domain gov.ru. He explained that as a trick, the attackers use the fake address of the sender of the webmaster@gov.ru, which is used as the name of the addressee, and the real e-mail of the sender is on free mail.

The head of the information security department SearchInformAlexey Drozd explained that you cannot follow the links from letters of even legitimate users, since their accounts can be hacked. He urged to be vigilant and pay attention to the strange behavior of the interlocutors.

Previously, similar fraudulent mailings took place from the addresses of the tax authorities. As lawyers point out, users usually trust the official authorities and consider their messages important, which is what attackers use.

People trust domains that look like state ones. In addition, if a letter comes from a state body, we a priori consider it important, "said Irina Zinovkina, director of consulting at InfoWatch.[2]

Notes