Russia Plans To Monitor Internet Access

Uploaded on 2019-05-02 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law, TECHNOLOGY-Key Areas-Social Media

The Russian government is one step away from essentially cutting its population off from the global Internet. 

The controversial “sovereign Internet law” passed recently by the legislature’s upper house needs only President Vladimir Putin’s signature to require online traffic to pass through servers run by the government’s Internet regulation agency by 2021, allowing the Kremlin to much better observe and control what Russian citizens are doing. 

Putin has long talked up the idea of a firewalled Russian Internet, claiming that his government needs a better defense against cyber-attacks from the West.

“But it’s more likely motivated by the Kremlin’s desire to control the flow of information online,” said Justin Sherman, Cybersecurity Policy Fellow at New America.

The move is not popular among Russians concerned about freedom of expression, notes Irina Borogan, deputy editor of Agentura.Ru, an independent Russian news site.

“There is a lot of protests against the law. Activists, some politicians and Internet users openly expressed their outrage,” Borogan said. “But main local telecoms supported the law because the Kremlin promised not to charge them for the black boxes.”

The new law is the latest and most far-reaching legal action to limit Russians’ ability to interact with the outside world. Earlier such moves curbed access to Western social media services such as Linkedin and messaging services such as Zello. In 2016, when Russia was exchanging encrypted messages with Julian Assange and Wikileaks in a bid to undermine the US election, Russian lawmakers authorised the government to read encrypted messages and save message content from Russian citizens for six months.

The new sovereign Internet law also requires internet service providers to use Russia’s internal domain name service. This will allow the government, for example, to redirect searches from independent news organisations to pro-government websites.

“Ultimately, this boils down to the fact that the Russian government, its military, and its security services regard the population’s unrestricted Internet, social media, and mobile access as a significant vulnerability in what they see as future Western efforts to launch information and cyber ops against the state in order to disorient, confuse and otherwise divide the population and the government,” said Samuel Bendett, research analyst with the Center for Naval Analyses’ International Affairs Group

“Therefore, monitoring user content and recording user information is seen as pivotal in such a defensive effort.”

“The Russian government saw what such free information access can do in other countries, and defensive information operations is now part of the defense strategy,” Bendett said. “Therefore, access to user data is seen as key in preventing what Moscow sees as Western efforts to ferment some kind of ‘color revolution’ in the country.”

The NGO Human Rights Watch issued the following statement: “These proposals are very broad, overly vague, and vest in the government unlimited and opaque discretion to define threats. They carry serious risks to the security and safety of commercial and private users and undermine the right to freedom of expression, access to information and media freedom.”

Last year, the Russian government was working on a related project: setting up an intranet for its own use, a project that Herman Klimenko, one of Putin’s top technical advisors, described as “painful.”

Borogan said the new firewall will be a drag on Russian businesses. “Experts say that the implementation of the law can slow down the Internet in Russia, which will have a negative effect on the economy.” As the rest of the world races to build networks with higher speeds and lower latency, Russia appears to be going in the opposite direction.

Still, the new firewall may encourage the government, the military, and its hired hackers to launch more, and more disruptive, cyber-attacks.

Said Sherman, “If Russia’s internet is isolated from the global one, it’s also possible that may remove or diminish some disincentives for the Russian government to wreak more havoc on the global network. 

“The state’s manipulation of the Border Gateway Protocol that routes global internet traffic, for instance, might be a more attractive cyber option should Russia know its own systems are insulated from the potential damage.”

DefenseOne

You Might Also Read: 

Russia Will Build A Separate Internet Directory:

China's Great Wall Into Russian Cybersecurity:

 

 

« GCHQ Chief Wants A Big Effort To Improve British Cybersecurity
Cyber Criminals Are Catching Up With Nation-state Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Radiant Logic

Radiant Logic

Radiant Logic is a market-leading provider of federated identity solutions based on virtualization, and delivers simple, logical, and standards-based access to all identities within an organization.

MarQuest

MarQuest

MarQuest provides services and systems to enhance network reliability and security.

MSAB

MSAB

MSAB is a pioneer in forensic technology for mobile device examination.

OpenSphere

OpenSphere

OpenSphere is an IT company providing security consultancy, information system risk management and security management services.

CyberVista

CyberVista

CyberVista is a cybersecurity training education and workforce development company. Our mission is to eliminate the skills gap by creating job ready professionals.

Idaho National Laboratory (INL)

Idaho National Laboratory (INL)

INL is an applied engineering laboratory dedicated to supporting the US Dept of Energy's missions in energy research, nuclear science and national defense including critical infrastructure protection.

Computest

Computest

Computest security testing services include Mobile app security, Vulnerability assessments, Attack & penetration testing, Security awareness training, Network security assessments.

Sistem Integra (SISB)

Sistem Integra (SISB)

SISB provide IT Security Infrastructure & Development, Mechanical & Electrical Services, Fire Safety & Detection Services, Facilities Management & Application Development.

Devel

Devel

Devel is a LATAM cybersecurity company specialized in providing red, blue and purple team services for the financial sector.

BHC Laboratory

BHC Laboratory

BHC Laboratory is a cyber capabilities’ development company for a wide range of global customers.

S2T

S2T

S2T builds cyber intelligence solutions based on deep expertise in diverse domains such as intelligence, machine learning and AI, big data processing, statistics and linguistics.

Concentric

Concentric

Concentric Data Risk Monitoring and Protection. Deep Learning to discover, monitor and remediate risks to sensitive data on-premises and in the cloud.

Kinnami Software

Kinnami Software

Kinnami is a data security company that equips organizations with the tools they need to secure and protect highly confidential documents and data.

Defensity

Defensity

Defensity offer bespoke & pre packaged IT Security Solutions for Small business to help companies reduce overall IT related risk.

Cygenta

Cygenta

Cygenta brings a new approach to cybersecurity. We understand that true security means having digital, human and physical security working in harmony.

Cyber Defense International (CDI)

Cyber Defense International (CDI)

At CDI, we utilize decades of experience in designing and building large-scale cybersecurity programs, creating tailored solutions and services that protect businesses from cyber threats.