Russia May Disconnect From The Internet

Uploaded on 2019-02-19 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, INTELLIGENCE-Hot Spots-Russia, TECHNOLOGY--Developments

What if the world wide web suddenly went dark? No Netflix? No YouTube? No Facebook? While this may sound like bliss for some, the full extent of our reliance on Internet would quickly become evident and it would be catastrophic.

This may be why Russia has suddenly become so interested in ensuring its Internet is isolated, entirely internal and resilient.

It’s no secret that Moscow has one of the most effective cyber-attack capabilities in the world. It has been blamed for a recent spate of incidents, such as the hack of the US Democratic Party server and sabotage of Ukrainian power plants and businesses.

Recently, four Russian intelligence agents were expelled from the Netherlands after being caught attempting to hack a chemical weapons analysis facility investigating the Novichok nerve-agent attack on the UK city of Salisbury. So it really comes as no surprise that the Kremlin wants to isolate its own internet from the rest of the world. Russia is planning to briefly shutdown their Internet, as part of a testing of its cyber-defences. This is laid out in a new law which was proposed in December with the intention of making Runet, (Russia’s Internet) independent.

The test will mean data passing between Russian citizens and organisations stays inside the nation rather than being routed internationally and the government wants to test this process by April 1st this year.

How does a Country Unplug itself from the Internet? 
It's important to understand a little about how the Internet works. It is essentially a series of thousands of digital networks along which information travels. It has no central management and it relies on many different infrastructures from undersea cables, and satellites and connecting and sending systems all over the globe. These networks are connected by router points, and they are notoriously the weakest link in the chain.

What Russia wants to do is to bring those router points that handle data entering or exiting the country within its borders and under its control, so that it can then pull up the drawbridge, as it were, to external traffic if it's under threat, or if it decides to censor what outside information people can access.

China's firewall is probably the world's best known censorship tool and it has become a sophisticated operation. It also polices its router points, using filters and blocks on keywords and certain websites and redirecting web traffic so that computers cannot connect to sites the state does not wish Chinese citizens to see.

Major Disruption
The draft law, called the Digital Economy National Program, requires Russia's ISPs to ensure that it can operate in the event of foreign powers acting to isolate the country online. Nato and its allies have threatened to sanction Russia over the cyber-attacks and other online interference which it is regularly accused of instigating. The measures outlined in the law include Russia building its own version of the net's address system, known as DNS, so it can operate if links to these internationally-located servers are cut.

Currently, 12 organisations oversee the root servers for DNS and none of them are in Russia. However, many copies of the net's core address book do already exist inside Russia suggesting its net systems could keep working even if punitive action was taken to cut it off.

The test is also expected to involve ISPs demonstrating that they can direct data to government-controlled routing points. These will filter traffic so that data sent between Russians reaches its destination, but any destined for foreign computers is discarded.

Eventually the Russian government wants all domestic traffic to pass through these routing points. This is believed to be part of an effort to set up a mass censorship system akin to that seen in China, which tries to scrub out prohibited traffic. 

Russian news organisations reported that the nation's ISPs are broadly backing the aims of the draft law but are divided on how to do it. They believe the test will cause "major disruption" to Russian internet traffic, reports tech news website ZDNet.
The Russian government is providing cash for ISPs to modify their infrastructure so the redirection effort can be properly tested.

BBC:       News.Au:

You Might Also Read: 

Russia Is Building A Separate Military Cloud:

 

 

« China Accused Of A Cyber-Attack On Australia's Parliament
The US Pentagon Is Speeding-Up Its Cloud Strategy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LRQA

LRQA

LRQA are a leading global assurance provider, bringing together unrivalled expertise in certification, brand assurance, cybersecurity, inspection and training.

Cobalt Labs

Cobalt Labs

Pen Testing as a Service for Modern SaaS Businesses. Cobalt is redefining the modern pen test for companies who want serious hacker-like testing built into their development cycle.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

Harel Mallac Technologies

Harel Mallac Technologies

Harel Mallac Technologies is a Mauritian organisation that has developed a strong network of ICT specialists with nodes across the African continent.

SecureMe2

SecureMe2

SecureMe2 ‘s mission is to make organizations more responsive to digital threats by deploying smart technology in a highly accessible way.

Tutamantic

Tutamantic

Tutamantic develops software that reduces security risks and weaknesses during the architectural and design stages.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

Improsec

Improsec

Improsec is a fully independent Cyber Security advisory company - we provide knowledge, experience and both strategic and deep technical expertise to our clients.

PagerDuty

PagerDuty

PagerDuty is the central nervous system for a company’s digital operations. We identify issues in real-time and bring together the right people to respond to problems faster.

Ampcus Cyber

Ampcus Cyber

Ampcus Cyber specialize in providing comprehensive security solutions and services that are tailored to safeguard our clients' networks, infrastructure, and valuable assets.

Sardine

Sardine

Sardine is a leader in financial crime prevention. Using unparalleled device intelligence and behavior biometrics, Sardine applies machine learning to detect and stop fraud before it happens.

Scality

Scality

Scality storage unifies data management from edge to core to cloud. Our market-leading file and object storage software protects data on-premises and in hybrid and multi-cloud environments.

Kontra

Kontra

Kontra application security training is an interactive and intuitive learning experience that engages developers.

CyberSG TIG Centre

CyberSG TIG Centre

CyberSG TIG Centre aims to propel Singapore as the world’s premier cybersecurity innovation hub for economic growth.

Transcendental Technologies

Transcendental Technologies

Transcendental is a consulting organization which specializes in customized assurance services in the fields of Localization, Mobile Software Solutions, Web Design, Cyber Security & Cyber Forensics.

Norwegian Data Protection Authority (Datatilsynet)

Norwegian Data Protection Authority (Datatilsynet)

The Norwegian Data Protection Authority (Datatilsynet) is the national data protection authority for Norway.