Russia Affected By Mysterious Nationwide Internet Outage

Uploaded on 2024-02-02 in INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Russian residents s could not access their of websites on the country’s .ru domain for most of the day last Tuesday 30th January. This problem included the Yandex search engine, the VKontakte social media platform, the major state-owned bank Sberbank and a number of news outlets.

The issue was apparently caused by an IT issue with the .ru domain’s global Domain Name System Security Extensions, or DNSSEC. It appeared to be unintentional, unlike other recent blackouts of Russian Internet services, which some reviewer said was  government action.

DNSSEC is a group of tools that adds security to the naming system and that translates human-readable web addresses into computer-friendly IP addresses. DNSSEC also verifies the authenticity of a response from a DNS server, protecting it against IP address spoofing, which is often used by hackers in their attacks. Most complaints about Internet down-time originated from Moscow, St. Petersburg, Tatarstan, Sverdlovsk, and Novosibirsk regions, according to Russian media. 

In Moscow, local residents said they couldn't pay with banking apps and access state services. Internet users abroad also couldn't access numerous Russian websites. Cash registers linked to Sberbank, which operates the largest retail payments system, failed.

The .ru outage affected hundreds of websites and Russian tech media published that the problem was caused by an incorrect DNSSEC zone signature. This cryptographic signature is applied to the DNS zone data of a specific domain to ensure the integrity and authenticity of the information. Following the initial four hours of outage the Russia’s Digital Ministry announced that that the problem had been solved, and access to most websites was working again. “The issue may continue for some time until the updated data is distributed throughout the domain name system," the statement said.

Earlier in January 2024, Russia experienced a social media black-out likely at the direction of  by the state Internet regulator, Roskomnadzor. Also this had  happened in a remote Russian region and was likely connected to protests there, as local authorities wanted to check how shutting down messengers could impact the protestors. The Russian 

Anonymous sources said that the Russian media outlet Kommersant that this time the outage was either a mistake made by the DNSSEC zone administrator, the Russian coordination centre for .ru domains, or its contractors.

Russia’s Net Freedoms Project said that the latest outage could be an attempt by the Kremlin to test a National Domain Name System (NDNS) aimed at isolating the Russian Internet from the rest of the world. Russian Internet regulators have said that subscribers to NDNS did not experience outages on Tuesday 30th January. 

Andrey Vorobyov, director of the Domain Coordination Centre, confirmed their dedication to resolving the technical problem. ’We are working on a technical problem, I can’t talk now,’ said Vorobyov. The Ministry  of Digital Development insisted: “In the near future, access to sites in the .ru zone will be restored. ’A technical issue has occurred affecting the .RU zone associated with the global DNSSEC infrastructure.’

On the same day as the Russian Internet shutdown, Ukraine’s Defense Intelligence (HUR) said that it taken out a server used by Russia’s defence ministry, disrupting communications for some of Moscow’s military units. “As a result of the cyberattack, the exchange of information between the units of the Russian Ministry of Defence, which used the mentioned server located in Moscow, was suspended,” HUR said. The Kremlin’s own site was temporarily hit as were other Russian government sites.

Russia Ministry of Digital Development:    RUPOR:   The Record:   Xa6p:    Kommersant:   NetFreedoms:  

Ukraine Defence Ministry:     Security Boulevard:    Bloomberg:      Metro:     Image: Behnam Norouzi

You Might Also Read: 

Ukraine’s Cyber Conflict With Russia:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Fast Forward - Technology Developments By 2040
Lush Employee Data Stolen »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

SparkCognition

SparkCognition

SparkCognition’s AI-powered solutions enhance cybersecurity, identify and prevent equipment failures before they happen, and provide prescriptive intelligence for maintaining your most critical assets

Vector InfoTech

Vector InfoTech

Vector InfoTech is a leader in Industrial Security, Networks, IT and Telecommunications.

vdiscovery

vdiscovery

vdiscovery is a provider of proprietary and best-in-breed solutions in computer forensics, document review, and electronic discovery.

u-blox

u-blox

u-blox deliver leading wireless technology to reliably and securely locate and connect people and devices.

FastNetMon

FastNetMon

FastNetMon is a very high performance DDoS detection and mitigation tool which could detect malicious traffic in your network and immediately block it.

BalkanID

BalkanID

BalkanID is an Identity governance solution that leverages data science to provide visibility into your SaaS & public cloud entitlement sprawl.

Capgemini

Capgemini

Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. Areas of expertise include Cybersecurity.

Plex IT

Plex IT

Plex IT provides managed IT services to organisations along with managed security services.

Armolon

Armolon

Armolon provides comprehensive data breach and cybersecurity, as well cybersecurity audits and certifications, and disaster recovery/business continuity services to clients.

Telesign

Telesign

Telesign connect, protect, and defend online experiences with sophisticated digital identity and programmable communications solutions.

Snare

Snare

Snare is a comprehensive set of event monitoring and analysis tools designed to address critical auditing and security requirements.

Sonet.io

Sonet.io

Sonet.io is built for IT leaders that want a great experience for their remote workers, while enhancing security and observability.

BetterWorld Technology

BetterWorld Technology

BetterWorld Technology provides cloud solutions, managed services, SaaS, cybersecurity and virtual CIO, all customized to meet your needs.

Nerds On Site

Nerds On Site

Nerds On Site provide on-site & in-home IT and technical support, managed IT services, and cyber security through our collaborative team of highly-trained IT and Security professionals.

Airbus Protect

Airbus Protect

Airbus Protect is an Airbus subsidiary bringing together the Company’s expertise in cybersecurity, safety and sustainability-related services.