Russia Affected By Mysterious Nationwide Internet Outage

Russian residents s could not access their of websites on the country’s .ru domain for most of the day last Tuesday 30th January. This problem included the Yandex search engine, the VKontakte social media platform, the major state-owned bank Sberbank and a number of news outlets.

The issue was apparently caused by an IT issue with the .ru domain’s global Domain Name System Security Extensions, or DNSSEC. It appeared to be unintentional, unlike other recent blackouts of Russian Internet services, which some reviewer said was  government action.

DNSSEC is a group of tools that adds security to the naming system and that translates human-readable web addresses into computer-friendly IP addresses. DNSSEC also verifies the authenticity of a response from a DNS server, protecting it against IP address spoofing, which is often used by hackers in their attacks. Most complaints about Internet down-time originated from Moscow, St. Petersburg, Tatarstan, Sverdlovsk, and Novosibirsk regions, according to Russian media. 

In Moscow, local residents said they couldn't pay with banking apps and access state services. Internet users abroad also couldn't access numerous Russian websites. Cash registers linked to Sberbank, which operates the largest retail payments system, failed.

The .ru outage affected hundreds of websites and Russian tech media published that the problem was caused by an incorrect DNSSEC zone signature. This cryptographic signature is applied to the DNS zone data of a specific domain to ensure the integrity and authenticity of the information. Following the initial four hours of outage the Russia’s Digital Ministry announced that that the problem had been solved, and access to most websites was working again. “The issue may continue for some time until the updated data is distributed throughout the domain name system," the statement said.

Earlier in January 2024, Russia experienced a social media black-out likely at the direction of  by the state Internet regulator, Roskomnadzor. Also this had  happened in a remote Russian region and was likely connected to protests there, as local authorities wanted to check how shutting down messengers could impact the protestors. The Russian 

Anonymous sources said that the Russian media outlet Kommersant that this time the outage was either a mistake made by the DNSSEC zone administrator, the Russian coordination centre for .ru domains, or its contractors.

Russia’s Net Freedoms Project said that the latest outage could be an attempt by the Kremlin to test a National Domain Name System (NDNS) aimed at isolating the Russian Internet from the rest of the world. Russian Internet regulators have said that subscribers to NDNS did not experience outages on Tuesday 30th January. 

Andrey Vorobyov, director of the Domain Coordination Centre, confirmed their dedication to resolving the technical problem. ’We are working on a technical problem, I can’t talk now,’ said Vorobyov. The Ministry  of Digital Development insisted: “In the near future, access to sites in the .ru zone will be restored. ’A technical issue has occurred affecting the .RU zone associated with the global DNSSEC infrastructure.’

On the same day as the Russian Internet shutdown, Ukraine’s Defense Intelligence (HUR) said that it taken out a server used by Russia’s defence ministry, disrupting communications for some of Moscow’s military units. “As a result of the cyberattack, the exchange of information between the units of the Russian Ministry of Defence, which used the mentioned server located in Moscow, was suspended,” HUR said. The Kremlin’s own site was temporarily hit as were other Russian government sites.

Russia Ministry of Digital Development:    RUPOR:   The Record:   Xa6p:    Kommersant:   NetFreedoms:  

Ukraine Defence Ministry:     Security Boulevard:    Bloomberg:      Metro:     Image: Behnam Norouzi

You Might Also Read: 

Ukraine’s Cyber Conflict With Russia:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Fast Forward - Technology Developments By 2040
Lush Employee Data Stolen »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

City Security Magazine

City Security Magazine

City Security magazine helps promote best security practices and keep businesses informed on a wide variety of security-related issues.

International Association of Professional Security Consultants (IAPSC)

International Association of Professional Security Consultants (IAPSC)

Members of the IAPSC represent a unique group of respected, ethical and competent security consultants.

IntaForensics

IntaForensics

IntaForensics offer a full range of digital investigation services and are able to adapt to the individual needs of solicitors, private clients, Law Enforcement Agencies and commercial businesses.

Detectify

Detectify

Detectify is a web security service that simulates automated hacker attacks on your website, detecting critical security issues before real hackers do.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

Magal Security Systems (Magal S3)

Magal Security Systems (Magal S3)

Magal Security Systems is a leading international provider of integrated solutions and products for physical and cyber security, safety and site management.

PRESENSE Technologies

PRESENSE Technologies

PRESENSE Technologies specializes in monitoring and enforcing IT security policies at critical points in the network and on end systems.

Private Internet Access

Private Internet Access

Private Internet Access is a Virtual Private Network services provider offering secure encrypted access to the internet.

VerSprite

VerSprite

VerSprite is a specialist information security consulting firm. We provide organizations with detection across all their attack surfaces and deliver critical insight into all possible attack methods.

Cyber Craft

Cyber Craft

CyberCraft is an innovative and dynamic software development, outsourcing and consulting company. Services offered include penetration testing.

SOSA

SOSA

SOSA facilitates new growth opportunities by connecting the dots between industry verticals and innovation ecosystems around the world.

Zyston

Zyston

Zyston's solutions provide end-to-end management of your cybersecurity needs. Our range of services help protect your business where it needs it the most.

Limes Security

Limes Security

Limes Security GmbH is the leading OT Security expert in the German-speaking region of Europe.

ProvenRun

ProvenRun

ProvenRun is a leading provider of trusted software solutions with extensive expertise and an unwavering commitment to security.

CyberSalus

CyberSalus

CyberSalus is a pioneering cyber tech services company dedicated to protecting the digital integrity of healthcare organizations.