Companies must connect to the state system to monitor cyberattacks

“We are developing a draft federal law on GosSOPKA, which will define all GosSOPKA participants, their tasks, rights, duties, responsibilities, and will also clarify the situation with GosSOPKA centers, their accreditation, etc.,” Interfax reports on Belov’s words.

The bill has already been discussed with the Ministry of Digital Development and FSTEC and will most likely be presented to the State Duma next year, the official noted.

Now connection to GosSOPKA is mandatory only if the organization owns a system or critical infrastructure facility or ensures interaction between them. Additionally, you can send a notification to the system about a cyber attack with subsequent leakage of personal data.

According to Belov, the limited number of subjects supervised by the NKTsKI and GosSOPKA does not provide the state with a complete picture of the cybersecurity landscape in the country and makes it difficult to predict and combat intruders.

“Today, cybercriminals are not only the target of cyber attacks on critical information infrastructures, but there are also many other resources, whose attacks cause one type or another of damage,” the official said.

The number of cyberattacks on Russian banks in the first 10 months of 2024 was double last year’s figures, RED Security SOC analysts found. The financial sector ranked second on the list of industries that suffered the most prominent hacking attacks.

Personal data leaks continue to represent a great danger: there are about 3.5 billion data lines on the Internet, affecting, to one degree or another, almost the entire population of Russia, highlighted Stanislav Kuznetsov, vice-chairman of the board of directors of Sberbank. According to Sberbank, the main sources of leaks were online stores and medical institutions.