Russia Affected By Mysterious Nationwide Internet Outage
Russian residents s could not access their of websites on the country’s .ru domain for most of the day last Tuesday 30th January. This problem included the Yandex search engine, the VKontakte social media platform, the major state-owned bank Sberbank and a number of news outlets.
The issue was apparently caused by an IT issue with the .ru domain’s global Domain Name System Security Extensions, or DNSSEC. It appeared to be unintentional, unlike other recent blackouts of Russian Internet services, which some reviewer said was government action.
DNSSEC is a group of tools that adds security to the naming system and that translates human-readable web addresses into computer-friendly IP addresses. DNSSEC also verifies the authenticity of a response from a DNS server, protecting it against IP address spoofing, which is often used by hackers in their attacks. Most complaints about Internet down-time originated from Moscow, St. Petersburg, Tatarstan, Sverdlovsk, and Novosibirsk regions, according to Russian media.
In Moscow, local residents said they couldn't pay with banking apps and access state services. Internet users abroad also couldn't access numerous Russian websites. Cash registers linked to Sberbank, which operates the largest retail payments system, failed.
The .ru outage affected hundreds of websites and Russian tech media published that the problem was caused by an incorrect DNSSEC zone signature. This cryptographic signature is applied to the DNS zone data of a specific domain to ensure the integrity and authenticity of the information. Following the initial four hours of outage the Russia’s Digital Ministry announced that that the problem had been solved, and access to most websites was working again. “The issue may continue for some time until the updated data is distributed throughout the domain name system," the statement said.
Earlier in January 2024, Russia experienced a social media black-out likely at the direction of by the state Internet regulator, Roskomnadzor. Also this had happened in a remote Russian region and was likely connected to protests there, as local authorities wanted to check how shutting down messengers could impact the protestors. The Russian
Anonymous sources said that the Russian media outlet Kommersant that this time the outage was either a mistake made by the DNSSEC zone administrator, the Russian coordination centre for .ru domains, or its contractors.
Russia’s Net Freedoms Project said that the latest outage could be an attempt by the Kremlin to test a National Domain Name System (NDNS) aimed at isolating the Russian Internet from the rest of the world. Russian Internet regulators have said that subscribers to NDNS did not experience outages on Tuesday 30th January.
Andrey Vorobyov, director of the Domain Coordination Centre, confirmed their dedication to resolving the technical problem. ’We are working on a technical problem, I can’t talk now,’ said Vorobyov. The Ministry of Digital Development insisted: “In the near future, access to sites in the .ru zone will be restored. ’A technical issue has occurred affecting the .RU zone associated with the global DNSSEC infrastructure.’
On the same day as the Russian Internet shutdown, Ukraine’s Defense Intelligence (HUR) said that it taken out a server used by Russia’s defence ministry, disrupting communications for some of Moscow’s military units. “As a result of the cyberattack, the exchange of information between the units of the Russian Ministry of Defence, which used the mentioned server located in Moscow, was suspended,” HUR said. The Kremlin’s own site was temporarily hit as were other Russian government sites.
Russia Ministry of Digital Development: RUPOR: The Record: Xa6p: Kommersant: NetFreedoms:
Ukraine Defence Ministry: Security Boulevard: Bloomberg: Metro: Image: Behnam Norouzi
You Might Also Read:
Ukraine’s Cyber Conflict With Russia:
___________________________________________________________________________________________
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible