Russia’s Attack On Web Freedom

Uploaded on 2017-02-07 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, NEWS-News Analysis

Two years have passed since Edward Snowden exited Moscow’s Sheremetyevo airport and began a new life in exile. His revelations of hitherto unknown US and UK programmes of mass surveillance initiated a global debate, and some minor reforms. 

President Obama vowed to stop spying on Angela Merkel and other friendly western leaders. But what happened in Russia, the host country where Snowden now appears to be indefinitely stuck?

The answer is a dispiriting one, at least according to Andrei Soldatov and Irina Borogan, two brave Moscow-based journalists who have followed the development of the Russian internet since its earliest days. The timing of Snowden’s arrival in Russia in summer 2013 was lousy, they write. The Kremlin was in the middle of a large-scale offensive against internet freedoms.

Russia’s spy agencies have the ability to snoop on emails via Sorm, a sophisticated system first developed by the KGB to eavesdrop on phone calls. 

The FSB’s (Federal Security Service) legal powers go well beyond those of the US National Security Agency or GCHQ. Russian internet service providers are obliged to install Sorm black boxes; they have no clue as to what Russian intelligence agents choose to intercept.

Soldatov and Borogan argue that what troubles Vladimir Putin is that the servers of big global platforms such as Facebook and Twitter are located in the US. Russia’s president takes a dim view of the Internet, which he personally doesn’t use. 

In 2014 he dubbed it a “CIA project”. The challenge for the Russian authorities, as they saw it, was to force these US-hosted platforms to relocate their servers to Russian territory. There, of course, the state could control them.

Soldatov and Borogan are Russia’s foremost experts on Putin’s security services and the founders of the website Agentura.ru. At a time when investigative journalism is practically extinct in Russia they have courageously kept going. 

The Red Web is a masterful account of the struggle between two opposing forces, the Kremlin and its longstanding desire to control information versus the unruly and horizontally mediated world of ordinary digital citizens.

Soldatov and Borogan argue that Snowden’s unexpected presence in Moscow, he was trying to get to Latin America, was a gift to the Kremlin. Snowden might have hoped that his revelations would trigger a debate inside Russia over domestic Internet surveillance, and its limits, as they had in most of the western world. (The exception is Britain, where details of the government’s mass data-scooping were met with a yawn.)

Instead, the Russian authorities gleefully used Snowden and his leaks as a pretext to roll out new repressive measures. Russia’s federal agency for supervising communications, Roskomnadzor, blacklisted sites under a deliberately fuzzy law prohibiting “extremism”. Bloggers with more than 3,000 followers were forced to register with the government. Independent news portals, including one run by former chess champion Garry Kasparov, were banned. All this was done under the banner of “digital sovereignty”.

Meanwhile, Sorm was beefed up. Another law compelled phone companies and internet providers to keep data for 12 hours, so the state might examine it. The FSB got a new and powerful weapon too: deep packet inspection or DPI. This allows the agency to read everyone’s emails and to weed out websites belonging to those it deems to be politically unacceptable.

Moscow turned up the heat up on foreign platforms too. Soon after Putin seized Crimea, it asked Twitter to close the account of the far-right Ukrainian party, Pravy Sektor. Twitter complied. The response generally from western tech giants to the Kremlin’s onslaught against free speech was remarkably spineless. Google, Twitter and Facebook all scurried to Moscow to meet with government representatives.

Soldatov and Borogan are scathing about Snowden’s response to all this. Apart from one question to Putin during a 2014 televised phone-in, when he asked about Russia’s surveillance practices, Snowden has been silent. He doesn’t comment on Russian affairs. He gives interviews to visiting Americans and others, but won’t meet Russian reporters or Moscow-based foreign correspondents. Soldatov and Borogan tried to see him and failed.

In Snowden’s defence, his reluctance to criticise the Kremlin is understandable: he is a man with few options. Negotiations to cut a deal with the US administration petered out some time ago, and if he returns home Snowden faces espionage charges that don’t allow him a public-interest defence. 

One suspects he would like to say more about Russia’s Internet clampdown. And Snowden is this century’s most important whistleblower, not a Russian agent, as his lazier critics have claimed.
Still, Soldatov and Borogan suggest he has failed to rise to the challenges of his situation. Snowden is fond of quoting the UN declaration of human rights, they note, but ended up in a country with a miserable human rights record. 

For months, they add, he pretended he wasn’t in Russia “but just somewhere”. In the words of Stas Kozlovsky, the leader of Russia’s Wikipedia community, which were said in sorrow not anger: “Snowden could have done good things globally, but for Russia he was a disaster.”

Since Putin’s undercover invasion of eastern Ukraine the attack on the country’s independent media, what’s left of it, has got worse. The Kremlin uses an array of methods. They include denial-of-service attacks against opposition websites, and an army of paid “trolls” who post pro-Putin comments on Russian and western news outlets, including the Guardian. The trolls sit in a comfortable glass office in St Petersburg. They earn $900 a month, the authors report.

In recent months, Russia’s two homegrown internet giants – the search engine Yandex and social networking site VKontakte – have come under pressure. VKontakte’s founder Pavel Durov fled after two Kremlin-friendly billionaires bounced him from the company. Another oligarch, Alexander Mamut, fired the editor of the website Lenta.ru after it carried an interview with a Ukrainian nationalist leader. (Mamut owns the Waterstones bookshop chain and has a son at a British boarding school.)

The Russian state doesn’t always prevail, though. Predictably, Roskomnadzor banned a blog by the anti-corruption campaigner Alexei Navalny. A computer geek called Ruslan Leviev found a technical way of outwitting this censorship, and Navalny’s journal remains online. Putin insists Russian troops are not fighting in Ukraine; investigative journalists didn’t puncture the lie – rather, it was Russian soldiers who exposed it by posting photos of themselves on VKontakte.

Soldatov and Borogan’s previous book, The New Nobility, is a lucid study of how the FSB became Russia’s pre-eminent institution. The Red Web is good at tracing how the spy agency’s modern tools of digital repression build directly on technologies devised and perfected, often with extraordinary creative skill, during the long KGB era. For example, the KGB set up secret acoustic laboratories dedicated to creating a secure telephone system. 

They also pioneered technologies that allowed its spies to recognise the identity of a speaker on the phone. This clandestine science got its own name: phonoscopy.

The KGB’s efforts to keep a lid on information were extensive, with paranoia never far away. In 1952 a young physicist called Vladimir Fridkin developed the Soviet Union’s first photocopier. Five years later he was forced to destroy it, after the KGB twigged it might be used to reproduce forbidden journals.

The Red Web is part detective story, as Soldatov and Borogan track down former KGB operatives and persuade them to talk. They meet a woman “controller” whose job it was to sit for hours in front of a whirring tape machine in one of the KGB’s gloomy secret recording studios. This was tedious work and, as espionage goes, not terribly efficient: Soviet phone lines were often poor and it took hours for the controllers to transcribe what they had heard. The Kremlin’s instincts were totalitarian; reality was messy and incomplete.

Few of those involved in spying on their fellow citizens, express regret. The journalists meet an ex-KGB engineer who, after the fall of the Soviet Union, set up a private company specialising in speech recognition. The firm flogs its technology to the FSB and to despotic regimes around the world, where it is used to catch dissidents. Asked if he had any qualms, the engineer shrugged: “We just come up with the hardware.”

Guardian:          Russia To Block LinkedIn:          For Russian journalists fighting hacks is part of the job:
 

 

« US And UK Agree To Take On Islamic State In Cyberspace
Lloyds Bank Cyber Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

National Information Security & Safety Authority (NISSA) - Libya

National Information Security & Safety Authority (NISSA) - Libya

NISSA is responsible for safeguarding the integrity, availability and resilienceof ICT infrastructure, resources, services and data in Libya.

DomainTools

DomainTools

DomainTools helps security analysts turn threat data into threat intelligence.

Exatel

Exatel

Exatel is Poland’s leading provider of ICT security services.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

National Digital Exploitation Centre (NDEC) - United Kingdom

National Digital Exploitation Centre (NDEC) - United Kingdom

NDEC is a project to create a centre of cyber and digital development and education for the UK. It will offer training in digital practices, cyber security and research.

CRI4DATA

CRI4DATA

CRI4DATA's mission is to help organizations build their resilience to cyber risk.

Council to Secure the Digital Economy (CSDE)

Council to Secure the Digital Economy (CSDE)

CSDE brings together companies from across the ICT sector to combat increasingly sophisticated and emerging cyber threats through collaborative actions.

Vigilant Technology Solutions

Vigilant Technology Solutions

Vigilant is a global cyber security technology company offering solutions to manage entire IT & cyber security lifecycles.

LTIMindtree

LTIMindtree

LTIMindtree is a new kind of technology consulting firm. We help businesses transform – from core to experience – to thrive in the marketplace of the future.

Cyber Command - Romania

Cyber Command - Romania

Cyber Command represents the military authority responsible for the development, protection and resilience of military IT networks and services that support the Romanian Force Structure.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Oxford Internet Institute - University of Oxford

Oxford Internet Institute - University of Oxford

The Oxford Internet Institute is a multidisciplinary research and teaching department of the University of Oxford, dedicated to the social science of the Internet.

DruvStar

DruvStar

DruvStar provides B2B cybersecurity around threat management to strengthen businesses across attack vectors.

TrafficGuard

TrafficGuard

TrafficGuard is an award-winning digital ad verification and fraud prevention platform.

Cyderes

Cyderes

Cyderes (Cyber Defense and Response) is a global, pure-play, full life-cycle cyber security services provider formed from the merger of Herjavec Group and Fishtech Group in 2022.