An agreement was signed on July 30, 2019, according to which one of the structures of the FSB dealing with cyber security, the National Coordination Center for Computer Incidents (NCCCI), is included in the list of competent organizations of the .ru / .рф Domain Coordination Center (DCC), which have the right to initiate the deprivation procedure Intruder site domains. Among others, the list includes Kaspersky Lab, Group-IB, as well as government agencies, including the Central Bank and Roskomnadzor.
“The NCCCI will be engaged in identifying phishing resources, sources of malicious software, tracking the activity of botnets and other attacks using Russian national domains. Long-term expertise and experience of the NCCCI will complement the work of the institute of competent organizations and will make the Russian domain space even more secure,” - said Andrei Vorobyov, the Director of Domain Coordination Center of Russian Federation. (newspaper Kommersant).
The right of suspending a domain as a punitive measure is absent in the legislation, but it is prescribed in the rules of the DCC: everyone who registers a domain agrees with the possibility of suspending in case of violations. Thus, the right to suspend only applies to domains registered in .ru and .рф zones.
At the moment, this tool to combat cybercriminals is most often used against phishing sites. Over the past few years, more than 3,000 offending resources have been suspended in the ru zone.