TelecomCert (unified platform for responding to cyber attacks)

2024

Social networks and Ministry of Digital Development will be connected to the Russian Marketplaces platform to counter cyber threats

On August 21, 2024, it became known that it is planned to attract new participants to the TelecomCert initiative, within the framework of which the Ministry of Digital Development of the Russian Federation is creating a joint state platform for responding to cyber attacks. In addition to telecom operators, banks and IT companies, it can connect owners of social networks, marketplaces and developers of mobile applications.

The expansion of the project is reported by the Kommersant newspaper, referring to information received from sources in the IT market. It is assumed that TelecomCert will allow government agencies to exchange information with business about cyber incidents and fraudulent actions. The launch of the platform is scheduled for the end of 2026.

Freepik

It is noted that thanks to the involvement of the TelecomCert system of social networks, marketplaces and creators of applications for smartphones, the possibilities for promptly blocking fraudulent schemes related to theft of personal data can be expanded. Artem Sheikin, deputy chairman of the council for the development of the digital economy under the Federation Council, says that combining the efforts of law enforcement agencies, banks, telecom operators and various IT companies will create a single picture of cyber threats. And this, in turn, will provide a more effective analysis and timely response to crimes in the IT sphere.

Andrei Fedorets, head of the information security committee of the Association of Russian Banks, believes that the creation of a new platform is necessary in light of the rapid growth in cyber fraud. In his opinion, microcredit organizations, suppliers of banking solutions and other industry participants should be connected to the project. Oleg Zamiralov, head of the Tinkoff Bank Ecosystem Protection Center, adds that the proposed comprehensive tool requires not only the involvement of the largest market players, but also legislative changes. He also believes that the transfer of information to the platform should be mandatory, not advisory.^[1]

Work to create a platform

On May 24, 2024, it became known that the Russian Ministry of Digital Development had started creating a unified platform for responding to cyber attacks. It is assumed that it will include the Antifrod, Antifishing systems and specialized banking services to counter fraudsters.

According to the Kommersant newspaper, the Ministry of Digital Development discussing the initiative with banks, telecom operators (Tele2, VimpelCom, etc.) and other representatives of the IT industry. One of the possible scenarios for the implementation of the project is the division of response to cyber incidents between large market participants. We are talking about fraudulent calls, phishing attacks and other cybercriminal schemes. With this model, the law enforcement agencies, which generally oversee the response to attackers' attacks, can be assigned a controlling role. These can be, for example, checking companies for compliance with cybersecurity requirements or making decisions on fines for an incident.

Unsplash

Market participants, as noted, are not against the idea. Financial sector companies believe that a single response platform will be the development of the Antifrod system. And in "Informzaschita" consider the creation of the platform "a technically feasible project that can significantly increase the level of cybersecurity." At the same time, it is emphasized that the project requires a specialized architecture that provides flexibility and scalability, as well as tiered protection of the platform itself.

On the other hand, concerns are expressed regarding the centralization of information protection. For example, Tinkoff Bank is critical of the fact that "ultimately the system turned into a single center through which all banking operations pass, and it decides which of them to allow."^[2]

Notes