Baby steps for Russian online security

In a move that mirrors China’s from last year, Russia’s Coordination Center will insist that anybody who applies for a .ru domain – be it an individual or a business – has to hand over a copy of a passport or legal registration papers.

According to ComputerWorld, they hope that this new provision will make criminals give up on trying to register the said domains, since background checks will reveal fake identities or, at least, make the whole registration process too long, too complicated and too costly for them to undertake.

The new rules will be applied as of April 1. Until now, the domains could be registered without any proof of identity, which made them ideal for scammers, spammers, for setting up botnet C&C servers or websites with pornographic content.

Russia has long been a safe haven for cyber criminals. The lack of anti-spam legislation, for example, makes Russian spammers feel safe and allows them to live and operate in the open.

Dancho Danchev had the opportunity to talk with the head of PR for the Russian Association for Electronic Communications, and he confirmed that while seven of the top 10 spammers are Russian, servers based in the US are responsible for more spam than those in any other country.

According to him, Russian spammers earned around $127 million in 2009. One of the problem is that big players like these are not deterred by threats of fines, since they are usually much, much lower that their earnings.

There was no talk about the likelihood of forthcoming changes in the law regarding cyber crime. While this new provision regarding the registration of .ru domains is a step forward for Russia, it is – technically – just a way to shift the problem into someone else’s lap.