China's Great Wall Into Russian Cybersecurity

The Kremlin has joined forces with Chinese authorities to bring the internet and its users under greater state control

Russia has been working on incorporating elements of China’s Great Firewall into the “Red Web”, the country’s system of internet filtering and control, after unprecedented cyber collaboration between the countries.

A decision recently to block the networking site LinkedIn in Russia is the most visible in a series of measures to bring the Internet under greater state control. Legislation was announced this month that gives the Kremlin primacy over cyberspace, the exchange points, domain names and cross-border fibre-optic cables that make up the architecture of the Internet.

In the summer, a measure known as Yarovaya’s law was introduced, which requires Russia’s telecoms and Internet providers to store users’ data for six months and metadata for three years.

A group of Kremlin and security officials is driving the offensive against internet freedoms. The government fears the web could be used to mobilise protesters and disseminate dangerous ideas and information and it is looking for ways to switch off connections in times of crisis.

Earlier this year, the security council secretary, Nikolai Patrushev, who was head of the Russian Federal Security Service during Putin’s 2000-08 presidency, had two meetings with Chinese politburo members on information security; and in June, Putin went to Beijing to sign a joint communique about cyberspace (pictured).

What the Russians want most from China is technology. Russia has no means of handling the vast amounts of data required by Yarovaya’s law, and it cannot rely on western technologies because of sanctions.

However, the Chinese are willing to lend a hand. In August it was reported that Blat, the Russian telecoms equipment manufacturer, was in talks with Huawei, the Chinese telecoms company, to buy technologies for data storage and produce servers to implement Yarovaya’s law.

The Chinese officials also ensured senior Huawei staff were present at key information security conferences in Russia, and the company was the major sponsor of the Russian information security forum held in Beijing in October.

“Huawei is essentially an arm of the Chinese state, whoever nominally owns it,” said Gordon Chang, author of The Coming Collapse of China. “Its origins are murky, its growth far too fast for a private company in China, state officials support its efforts, and the absence of competition from state enterprises is another important tell.”

The Russians apparently see no other option than to invite Chinese heavyweights into the heart of its IT strategy. “China remains our only serious ‘ally’, including in the IT sector,” said a source in the Russian information technology industry, adding that despite hopes that Russian manufacturers would fill the void created by sanctions “we are in fact actively switching to Chinese”.

In Russia, the strategy for greater collaboration with China has been developed and promoted by top-level Kremlin officials, generals and businessmen. These include Patrushev, Shchyogolev and Konstantin Malofeev, the billionaire founder of Orthodox channel Tsargrad TV who is the subject of EU sanctions for his connections to separatists in Ukraine. The group is believed to be the driving force behind Yarovaya’s law.

On 7 November, China adopted a controversial cybersecurity law that revived international concerns about censorship in the country. In a sign that collaboration between the countries is mutually beneficial, the legislation echoes Russia’s rules on data localisation and requires “critical information infrastructure operators” to be stored domestically, the law LinkedIn fell foul of. It seems the exchange of ideas has already borne fruit.

Guardian:      ‘Great Cannon’ China’s Weapon Shoots Down Internet Sites:   

Three Pronged Attack: Chinese Military In Cyberwarfare Buildup:


 

« Critical Cybersecurity Protocols To Implement
Codebreakers: Cybersecurity School At Bletchley Park »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: How to build and implement an effective endpoint detection and response strategy

ON-DEMAND WEBINAR: How to build and implement an effective endpoint detection and response strategy

Discover how you can implement endpoint detection and response (EDR) tools into your security strategy.

Certification Europe

Certification Europe

Certification Europe is an accredited certification body which provides ISO management system certification including ISO 27001.

CyberSeek

CyberSeek

CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.

Information Systems Security Partners (ISSP)

Information Systems Security Partners (ISSP)

ISSP is a specialized system integrator focused on the information security needs of its corporate clients and providing best in class products and services for securing organizational information.

Fend

Fend

Fend secures smart infrastructure. We provide a robust, highly secure way to have situational awareness of IoT enabled assets.

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance is a global, non-profit industry association which is working to enable a secure connected future.

SyferLock Technology Corp.

SyferLock Technology Corp.

SyferLock is an innovative provider of next-generation authentication and security solutions.

WidePoint

WidePoint

WidePoint Corporation is an innovative provider of Trusted Mobility Management (TM2) solutions.

Servian

Servian

Servian is one of Australia's leading IT consultancies, with expertise in cloud, data, machine learning, DevOps and cybersecurity.

SIA Group

SIA Group

SIA Group, an Indra company, combines Consulting, Systems Integration and Managed Services in four specialized business areas: Information Security, Storage, IT Management and IT Mobility.

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professionals advocating for more effective cyber security solutions.

Condition Zebra

Condition Zebra

Condition Zebra has wide experience in providing IT Security Services, Training, and Certification in the field of cybersecurity.

Anxinsec

Anxinsec

Anxinsec Technology is a security solution and service provider with a focus on new technology and innovations in cybersecurity.

Insight Enterprises

Insight Enterprises

Insight is a leading solutions integrator, helping you navigate today’s ever-changing business environment with teams of technical experts and decades of industry experience.

U2opia Technology

U2opia Technology

U2opia is a consortium with a proven track record of delivering groundbreaking technology, cybersecurity, and innovative business solutions.

Turngate

Turngate

Turngate simplify security investigations so you can see employee activities and entitlements in your enterprise in seconds.

SIGLA Group

SIGLA Group

SIGLA Group specialize in the design and development of IT and OT solutions, from analysis to design, from implementation to commissioning, as well as consultancy, training and assistance.