The Internet Association of Ukraine proposed to the National Bank a transparent and legal mechanism for blocking phishing domains. This is stated in a letter to INAU NBU.
.in_text_content_22 { width: 300px; height: 600px; } @media(min-width: 600px) { .in_text_content_22 { width: 580px; height: 400px; } }
Currently, according to the NCU regulations, implemented by Order No. 67/850 of January 30, 2023, the domain blocking mechanism is as follows:
-
The NBU creates and submits to the National Cybersecurity Coordination Center under the National Security and Defense Council of Ukraine (hereinafter referred to as the NCCC) a list of phishing domains;
-
The NCCC places this list on its “transit” server, from which providers are obliged to receive it;
-
Internet providers are required to configure their DNS servers in such a way that Internet users are redirected to the NCCC landing page without their knowledge or consent in case of requests for domains from the list;
Thus, if an Internet user intends to access a domain included in the list, he will be taken to the NCCC server.
Section 9 of the regulation stipulates that the NCCC server collects and stores detailed information regarding Internet users redirected to this server, namely:
When switching to a landing page, the System saves technical information, including date and time, IP address (subnet) from which the transition is made, domain name or URL of the phishing page to which the transition is made, user-agent, etc., and undefined public authorities are given access to the above information.
Thus, the NCCC illegally collects, stores, uses and distributes confidential information about the person – revealing the details of the person’s actions on the network (what domain he intended to visit, the date and time of the visit attempt, the IP address from which the attempt was made to visit the domain).
What the Association offers
In a letter to the National Bank regarding the system for filtering phishing domains, the association proposes to the NBU to introduce a legal and transparent mechanism for blocking phishing domains.
It is about the following:
-
The NBU forms and constantly updates the list of phishing domains (as is happening now);
-
The NBU provides ISPs with access to this list from its own server (without using a “transit” third party server);
-
Internet providers voluntarily upload this list, while being able to send a reasoned refusal to block a particular domain to the NBU, which will reduce the likelihood of erroneous blocking of domains that are not phishing;
-
if an Internet user tries to visit one of the domains from the list, he is redirected to a landing page hosted on the servers of his provider, which solves the problem of unlawful violation of the confidentiality of user information.
Source: Racurs
I am David Wyatt, a professional writer and journalist for Buna Times. I specialize in the world section of news coverage, where I bring to light stories and issues that affect us globally. As a graduate of Journalism, I have always had the passion to spread knowledge through writing.