Russia Will Try Leaving The Global Internet

Russia will test its internal RuNet network to see whether the country can function without the global Internet. The tests will begin after November 1st and will recur at least annually, and possibly more frequently. 

It’s the latest move in a series of technical and policy steps intended to allow the Russian government to cut its citizens off from the rest of the world. The exercises follow April’s passage of the Internet Law that will require all Internet traffic in Russia to pass through official checkpoints, allowing the government to shut down foreign access.

The reason for the experiment is to gather insight and provide feedback and modifications to a proposed law introduced in the Russian Parliament last year. 

A first draft of the law mandated that Russian internet providers should ensure the independence of the Russian internet space (Runet) in the case of foreign aggression to disconnect the country from the rest of the internet. In addition, Russian telecom firms would also have to install "technical means" to re-route all Russian Internet traffic to exchange points approved or managed by Roskomnazor, Russia's telecom watchdog. 

Background
In 2016, Russia launched the Closed Data Transfer Segment: basically, a big military Intranet for classified data, similar to the Pentagon’s Joint Worldwide Intelligence Communications System. The following year, Russia said that it intends to build its own domain name directory, which would allow it to re-route Internet traffic.  Last year, Putin’s top IT advisor Herman Klimenko and others suggested that the military intranet, properly expanded, might be able to carry the rest of the country’s Internet traffic. 

Klimenko cautioned that moving to the new system would be painful, and as recently as March, Gen. Paul Nakasone, director of US Cyber Command and the NSA, expressed doubt that Russia would succeed. Samuel Bendett, an adviser at the CNA Corporation and a fellow in Russia studies at the American Foreign Policy Council, said the announcement shows that the Russian government wants to address any strategic vulnerability which is reliance on Western IT. 

“The larger context is Russia’s dependence as a nation on imported/foreign hi-tech and the perceived vulnerabilities that Russia sees in such technology use..... With so many government, public, and private-sector nodes using such foreign tech, the Russian government is seeking to impose a measure of control over how Internet communication over this technology is conducted,” Bendett said. 

“In the event of what the government sees as outside influence affecting RuNet, the state can act, hence the annual exercise.”

RuNet isn’t expected to improve the online experience for Russian people or companies. It’s all about control, making the country more technologically independent, and reducing the Putin regime’s vulnerability to popular uprising.
“The Russian government, particularly since seeing the role social media played in the Arab Spring, has wanted over the last decade to exert tight control over the online information space within Russia’s borders,” said Justin Sherman, a cybersecurity policy fellow at New America.

As the Russian government has built infrastructure that can disconnect Russia from the global Internet, it has also worked to limit Russian citizens’ access to sites and services that allow citizens to mobilise and protest. Access to services such as LinkedIn, Zello, and Telegram is limited by a 2006 Russian law that requires foreign companies to open their software to Russian security services and to hand user data to law enforcement agencies. Sherman said the passage of the sovereign internet law is one more item in this trend.

“When Russia passed its domestic internet bill into law, it wasn’t clear how much the government would actually work to make it happen, but now it’s clear they do intend to modify systems so the internet within Russian borders can be cut off from the global net at will,” Sherman said. 

“They also line up with a series of international pushes by authoritarian governments to make ‘cyber sovereignty’ of this kind more palatable to the global community.”

Euronews:     Defense One:        ZDNet:      

You Might Also Read: 

Russia Will Build A Separate Internet Directory:

Great Wall: China Bans Foreign Online Publishing:

 


 

 

« A £370m Investment To Boost AI In Britain
2020 Will Be A Landmark Year For AI »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DeviceLock

DeviceLock

DeviceLock is a leading provider of endpoint device/port control and data leak prevention software.

Cyber Security Centre - University of Hertfordshire

Cyber Security Centre - University of Hertfordshire

The Cyber Security Centre provides training, teaching and research in the fast paced topics of cyber security and digital forensics.

Advanced Resource Managers (ARM)

Advanced Resource Managers (ARM)

ARM provide specialist recruitment services for technology and engineering including cyber security.

Panaseer

Panaseer

Panaseer is an enterprise cybersecurity automation and data analytics company that helps organizations stop preventable breaches by ensuring security controls are working effectively.

SERMA Safety & Security (S3)

SERMA Safety & Security (S3)

SERMA Safety & Security provides a comprehensive cybersecurity offering incorporating Expertise, Evaluation, Consultancy and Training, covering hardware, software and information systems.

National Cyber Security Centre (CNCS) - Portugal

National Cyber Security Centre (CNCS) - Portugal

CNCS is the operational coordinator and Portuguese national authority in cybersecurity working with State entities, and digital service providers

Luxembourg Institute of Science & Technology (LIST)

Luxembourg Institute of Science & Technology (LIST)

LIST is a mission-driven Research and Technology Organisation. Areas of research include IT and aspects of IT security.

Entrust

Entrust

Entrust is a global leader in digital security, identities, payments, and data protection.

Privitar

Privitar

Privitar is leading the development and adoption of privacy engineering technology enabling our customers to innovate and leverage data with an uncompromising approach to data privacy.

Security BSides

Security BSides

Security BSides is the first grass roots, DIY, open security conference in the world!. BSides is a community-driven framework for building events for and by information security community members.

Toothpic

Toothpic

ToothPic has invented, designed, developed and patented a solution to enable companies to turn every smartphone into a secure key for a user-friendly online authentication.

Redsquid

Redsquid

At Redsquid we are all about making a difference to our customers with the use of technology, as an innovative provider of solutions within IoT, Cyber security, ICT, Data Connectivity & Voice.

Blacksands

Blacksands

Blacksands is a leader in network architecture, identity & services management, threat analysis, industrial IoT architecture, and invisible dynamic networks.

Appalachia Technologies

Appalachia Technologies

Appalachia is a full service Managed Services Provider with a focus on cybersecurity, backed by the best engineers.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

Sword Group

Sword Group

Sword is a leader in data insights, digital transformation and technology services with a substantial reputation in complex IT, business projects and mission critical operations.