The ministry intends to check Telegram channels, hacker forums and other sites on a daily basis to identify stolen personal data of citizens. The agency’s tender to collect information about the leaks was published on the government procurement portal on November 11.
The initial contract price is 68.3 million rubles, the application can be submitted until November 19.
According to the terms of reference, which Kommersant studied, the contractor will have to find information about leaks of personal data, collect statistics on their purchase and sale, including volume and demand, and report the found information to the department every day. In addition, the company that received the contract will have to identify the hacking of the IT systems of government agencies and telecom operators and the emergence of new fraudulent schemes that are associated with the monetization of compromised personal data.
The department named the publication the purpose of monitoring – “to count everyone” and to respond at the state level to each incident. The ministry intends to interact with government agencies from where the leak was recorded.
Monitoring will not help reduce the number of leaks in the future, but the information can be used to block distribution channels and to detain cybercriminals involved in the sale of data, Aleksandr Dvinskikh, an expert on information security for the Croc company, told the publication.
On November 11, the Ministry of Digital Affairs announced a record-breaking cyberattack on the portal of public services. During the current week, two failures occurred on the public services portal. During the first outage, the validity periods of COVID certificates for many users were reduced from one year to six months. The head of the Ministry of Digital Affairs Maksut Shadayev said that the ministry would conduct additional testing of the portal.
Databases of Russians who allegedly bought fake coronavirus vaccination certificates began to be sold on shadow forums and Telegram channels, Kommersant previously reported. The database contains passport data, SNILS, phone number, place of residence and the date of receipt of the certificate.
.