Russia May Disconnect From The Internet

What if the world wide web suddenly went dark? No Netflix? No YouTube? No Facebook? While this may sound like bliss for some, the full extent of our reliance on Internet would quickly become evident and it would be catastrophic.

This may be why Russia has suddenly become so interested in ensuring its Internet is isolated, entirely internal and resilient.

It’s no secret that Moscow has one of the most effective cyber-attack capabilities in the world. It has been blamed for a recent spate of incidents, such as the hack of the US Democratic Party server and sabotage of Ukrainian power plants and businesses.

Recently, four Russian intelligence agents were expelled from the Netherlands after being caught attempting to hack a chemical weapons analysis facility investigating the Novichok nerve-agent attack on the UK city of Salisbury. So it really comes as no surprise that the Kremlin wants to isolate its own internet from the rest of the world. Russia is planning to briefly shutdown their Internet, as part of a testing of its cyber-defences. This is laid out in a new law which was proposed in December with the intention of making Runet, (Russia’s Internet) independent.

The test will mean data passing between Russian citizens and organisations stays inside the nation rather than being routed internationally and the government wants to test this process by April 1st this year.

How does a Country Unplug itself from the Internet? 
It's important to understand a little about how the Internet works. It is essentially a series of thousands of digital networks along which information travels. It has no central management and it relies on many different infrastructures from undersea cables, and satellites and connecting and sending systems all over the globe. These networks are connected by router points, and they are notoriously the weakest link in the chain.

What Russia wants to do is to bring those router points that handle data entering or exiting the country within its borders and under its control, so that it can then pull up the drawbridge, as it were, to external traffic if it's under threat, or if it decides to censor what outside information people can access.

China's firewall is probably the world's best known censorship tool and it has become a sophisticated operation. It also polices its router points, using filters and blocks on keywords and certain websites and redirecting web traffic so that computers cannot connect to sites the state does not wish Chinese citizens to see.

Major Disruption
The draft law, called the Digital Economy National Program, requires Russia's ISPs to ensure that it can operate in the event of foreign powers acting to isolate the country online. Nato and its allies have threatened to sanction Russia over the cyber-attacks and other online interference which it is regularly accused of instigating. The measures outlined in the law include Russia building its own version of the net's address system, known as DNS, so it can operate if links to these internationally-located servers are cut.

Currently, 12 organisations oversee the root servers for DNS and none of them are in Russia. However, many copies of the net's core address book do already exist inside Russia suggesting its net systems could keep working even if punitive action was taken to cut it off.

The test is also expected to involve ISPs demonstrating that they can direct data to government-controlled routing points. These will filter traffic so that data sent between Russians reaches its destination, but any destined for foreign computers is discarded.

Eventually the Russian government wants all domestic traffic to pass through these routing points. This is believed to be part of an effort to set up a mass censorship system akin to that seen in China, which tries to scrub out prohibited traffic. 

Russian news organisations reported that the nation's ISPs are broadly backing the aims of the draft law but are divided on how to do it. They believe the test will cause "major disruption" to Russian internet traffic, reports tech news website ZDNet.
The Russian government is providing cash for ISPs to modify their infrastructure so the redirection effort can be properly tested.

BBC:       News.Au:

You Might Also Read: 

Russia Is Building A Separate Military Cloud:

 

 

« China Accused Of A Cyber-Attack On Australia's Parliament
The US Pentagon Is Speeding-Up Its Cloud Strategy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Chatham House

Chatham House

Chatham House is an independent policy institute based in London. Topics cover foreign affairs and defence including cyber security.

CrowdStrike

CrowdStrike

CrowdStrike is a global provider of security technology and services focused on identifying advanced threats and targeted attacks.

Pradeo

Pradeo

Pradeo Security offers a complete, automatic and seamless protection to mobile devices and applications, aligned with your organization security policy while preserving business agility.

SentryBay

SentryBay

SentryBay is a real-time data security company developing technology for PC, mobile, the cloud and IoT.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

Cryptosense

Cryptosense

Cryptosense provides the first application security software dedicated to the detection and remediation of crypto vulnerabilities.

IBA Security

IBA Security

IBA Security is a center of competence consolidating the cybersecurity expertise of the IBA Group.

Randori

Randori

Randori is an attack platform that provides "red-teaming" as a service — basically, staging simulated hack attacks to test for vulnerabilities and gaps in the security response.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance combines insurance expertise with cybersecurity and data talent to deliver clear, effective solutions to protect you for the cyberrisks of today—and tomorrow.

Cipher

Cipher

Founded in 2000, Cipher is a global cybersecurity company that delivers a wide range of Managed Security Services.

Onesecure Asia

Onesecure Asia

ONESECURE Asia’s expertise and services are built around its mission to provide reliable, robust and scalable technology solutions to cater for its customers’ needs.

OnSecurity

OnSecurity

OnSecurity replaces the overhead of traditional penetration testing firms with a simple online interface, making it easy to book tests as and when needed.

Fescaro

Fescaro

FESCARO is a trusted cybersecurity partner for global automakers and their partners, helping them transition to software-defined vehicles (SDVs) with tailored automotive software solutions.