Roskomnadzor to restrict runet access for foreign vulnerability scanners

The “Scientific and Technical Council on Information Security of Russian Systems and Resources” held a meeting at the main radio frequency center (FSUE “GRCHC”) supervisory authority. The council identified three key areas of work in the field of cybersecurity.

The first key area identified is the need to create a national system to protect against Distributed-Denial-of-Service (DDoS) attacks. The system will ensure the protection of Russian infrastructure from all types of attacks originating from abroad at cross-border crossings. Additionally, an exchange of information about attacks and methods of protection will be organized between the largest Russian companies in the field of cybersecurity by the end of the year.

Another area of focus is the scanning of vulnerabilities within Russian systems and services. Roskomnadzor plans to create a domestic trusted scanning system based on their TsMU. This system will enable the detection of vulnerabilities in Russian information resources and quickly correct them. The agency also aims to limit scanning by foreign services of the Russian Internet segment.

The third area of priority is the provision of “reliable information about the country affiliation of IP addresses.” RKN will create a trusted system of verification of network addresses’ country belonging on the basis of TsMU. This initiative aims at ensuring the correct operation of Russian information resources and access to them. However, a technical specialist of Roskomvoboda believes that this proposal is a kind of inventory of IP addresses that no one has at the moment. Nonetheless, this initiative can be part of work in the second key area.

In summary, the “Scientific and Technical Council on Information Security of Russian Systems and Resources” highlighted the importance of creating a national system to counteract DDoS attacks, scanning vulnerabilities within Russian systems and services, and providing reliable information about the country affiliation of IP addresses.

/Reports, release notes, official announcements.