Russia Affected By Mysterious Nationwide Internet Outage

Uploaded on 2024-02-02 in INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Russian residents s could not access their of websites on the country’s .ru domain for most of the day last Tuesday 30th January. This problem included the Yandex search engine, the VKontakte social media platform, the major state-owned bank Sberbank and a number of news outlets.

The issue was apparently caused by an IT issue with the .ru domain’s global Domain Name System Security Extensions, or DNSSEC. It appeared to be unintentional, unlike other recent blackouts of Russian Internet services, which some reviewer said was  government action.

DNSSEC is a group of tools that adds security to the naming system and that translates human-readable web addresses into computer-friendly IP addresses. DNSSEC also verifies the authenticity of a response from a DNS server, protecting it against IP address spoofing, which is often used by hackers in their attacks. Most complaints about Internet down-time originated from Moscow, St. Petersburg, Tatarstan, Sverdlovsk, and Novosibirsk regions, according to Russian media. 

In Moscow, local residents said they couldn't pay with banking apps and access state services. Internet users abroad also couldn't access numerous Russian websites. Cash registers linked to Sberbank, which operates the largest retail payments system, failed.

The .ru outage affected hundreds of websites and Russian tech media published that the problem was caused by an incorrect DNSSEC zone signature. This cryptographic signature is applied to the DNS zone data of a specific domain to ensure the integrity and authenticity of the information. Following the initial four hours of outage the Russia’s Digital Ministry announced that that the problem had been solved, and access to most websites was working again. “The issue may continue for some time until the updated data is distributed throughout the domain name system," the statement said.

Earlier in January 2024, Russia experienced a social media black-out likely at the direction of  by the state Internet regulator, Roskomnadzor. Also this had  happened in a remote Russian region and was likely connected to protests there, as local authorities wanted to check how shutting down messengers could impact the protestors. The Russian 

Anonymous sources said that the Russian media outlet Kommersant that this time the outage was either a mistake made by the DNSSEC zone administrator, the Russian coordination centre for .ru domains, or its contractors.

Russia’s Net Freedoms Project said that the latest outage could be an attempt by the Kremlin to test a National Domain Name System (NDNS) aimed at isolating the Russian Internet from the rest of the world. Russian Internet regulators have said that subscribers to NDNS did not experience outages on Tuesday 30th January. 

Andrey Vorobyov, director of the Domain Coordination Centre, confirmed their dedication to resolving the technical problem. ’We are working on a technical problem, I can’t talk now,’ said Vorobyov. The Ministry  of Digital Development insisted: “In the near future, access to sites in the .ru zone will be restored. ’A technical issue has occurred affecting the .RU zone associated with the global DNSSEC infrastructure.’

On the same day as the Russian Internet shutdown, Ukraine’s Defense Intelligence (HUR) said that it taken out a server used by Russia’s defence ministry, disrupting communications for some of Moscow’s military units. “As a result of the cyberattack, the exchange of information between the units of the Russian Ministry of Defence, which used the mentioned server located in Moscow, was suspended,” HUR said. The Kremlin’s own site was temporarily hit as were other Russian government sites.

Russia Ministry of Digital Development:    RUPOR:   The Record:   Xa6p:    Kommersant:   NetFreedoms:  

Ukraine Defence Ministry:     Security Boulevard:    Bloomberg:      Metro:     Image: Behnam Norouzi

You Might Also Read: 

Ukraine’s Cyber Conflict With Russia:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Fast Forward - Technology Developments By 2040
Lush Employee Data Stolen »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

UM Labs

UM Labs

UM Labs is a developer of security products for Voice over IP (VoIP), protecting SIP trunk connections, safeguarding mobile phone communications and enabling BYOD.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

CyberGRX

CyberGRX

The CyberGRX Exchange and our risk assessments-as-a-service help Enterprises and Third Parties cost-effectively identify, prioritize and mitigate risk.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

Blackbird.AI

Blackbird.AI

Blackbird.AI provides an intelligence and early-warning system to help users detect disinformation and take action against threats.

PPC Protect

PPC Protect

PPC Protect is an entirely automated click fraud prevention solution.

eMazzanti Technologies

eMazzanti Technologies

eMazzanti Technologies provides IT consulting services for businesses ranging from home offices to multinational corporations throughout the USA and internationally.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

Sentrium Security

Sentrium Security

Sentrium is committed to helping organisations protect their technology, information and people. Our range of bespoke services provide solutions to tackle a broad range of cyber security challenges.

NSI Global

NSI Global

NSI Global is a specialist Global Risk and Intelligence Advisory Firm that has built a reputation for consistently managing complex projects.

Censinet

Censinet

Censinet provides the first and only third-party risk management platform for healthcare organizations to manage the threats to patient care that exist within an expanding ecosystem.

Sekoia.io

Sekoia.io

Sekoia.io is a European cybersecurity company whose mission is to develop the best protection capabilities against cyber-attacks.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.

BCX

BCX

BCX, a subsidiary within Telkom Group, is one of Africa’s largest systems integrator and digital transformation partners for enterprises and public sector organisations.