Russia’s FinCERT receives over 300,000 notifications about cybersecurity incidents in one year
Since October 2018, the Financial Sector Computer Emergency Response Team at the Central Bank of Russia has received more than 300,000 notifications about cybersecurity incidents.
The Central Bank of Russia has earlier today published a report about the operations of the Financial Sector Computer Emergency Response Team (FinCERT), showing that it has received more than 300,000 notifications about cybersecurity incidents since October 2018. The signals about the incidents came from the 826 participants (including banks) in the information exchange with FinCERT.
The report shows that the main problem in terms of information security is social engineering. For the period since September 2018 FinCERT commenced the procedure for the de-registration of 9,778 phishing domains (about 2/3 of them were registered abroad). The minimal time for taking down such domains fell from 24 to 3 hours.
The report also shows that during the six months to end-June 2019, some 12,903 attempts to sell data were detected. About 12% of these attempts concerned data bases belonging to financial entities.
Let’s recall that, earlier in October 2019, Sberbank Rossii PAO (MCX:SBER) confirmed there was a data leak affecting 200 of its clients. The bank has managed to identify the culprit who turned out be an employee at the bank born in 1991. Additionally, the investigation undertaken by the bank has shown that the employee who committed the crime sold the data of 5,000 credit card clients of Sberbank’s Urals Bank to a criminal group in the Darknet in late September. A significant portion of the data is outdated or inactive, the bank explained.