Russia Plans To Monitor Internet Access

Uploaded on 2019-05-02 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law, TECHNOLOGY-Key Areas-Social Media

The Russian government is one step away from essentially cutting its population off from the global Internet. 

The controversial “sovereign Internet law” passed recently by the legislature’s upper house needs only President Vladimir Putin’s signature to require online traffic to pass through servers run by the government’s Internet regulation agency by 2021, allowing the Kremlin to much better observe and control what Russian citizens are doing. 

Putin has long talked up the idea of a firewalled Russian Internet, claiming that his government needs a better defense against cyber-attacks from the West.

“But it’s more likely motivated by the Kremlin’s desire to control the flow of information online,” said Justin Sherman, Cybersecurity Policy Fellow at New America.

The move is not popular among Russians concerned about freedom of expression, notes Irina Borogan, deputy editor of Agentura.Ru, an independent Russian news site.

“There is a lot of protests against the law. Activists, some politicians and Internet users openly expressed their outrage,” Borogan said. “But main local telecoms supported the law because the Kremlin promised not to charge them for the black boxes.”

The new law is the latest and most far-reaching legal action to limit Russians’ ability to interact with the outside world. Earlier such moves curbed access to Western social media services such as Linkedin and messaging services such as Zello. In 2016, when Russia was exchanging encrypted messages with Julian Assange and Wikileaks in a bid to undermine the US election, Russian lawmakers authorised the government to read encrypted messages and save message content from Russian citizens for six months.

The new sovereign Internet law also requires internet service providers to use Russia’s internal domain name service. This will allow the government, for example, to redirect searches from independent news organisations to pro-government websites.

“Ultimately, this boils down to the fact that the Russian government, its military, and its security services regard the population’s unrestricted Internet, social media, and mobile access as a significant vulnerability in what they see as future Western efforts to launch information and cyber ops against the state in order to disorient, confuse and otherwise divide the population and the government,” said Samuel Bendett, research analyst with the Center for Naval Analyses’ International Affairs Group

“Therefore, monitoring user content and recording user information is seen as pivotal in such a defensive effort.”

“The Russian government saw what such free information access can do in other countries, and defensive information operations is now part of the defense strategy,” Bendett said. “Therefore, access to user data is seen as key in preventing what Moscow sees as Western efforts to ferment some kind of ‘color revolution’ in the country.”

The NGO Human Rights Watch issued the following statement: “These proposals are very broad, overly vague, and vest in the government unlimited and opaque discretion to define threats. They carry serious risks to the security and safety of commercial and private users and undermine the right to freedom of expression, access to information and media freedom.”

Last year, the Russian government was working on a related project: setting up an intranet for its own use, a project that Herman Klimenko, one of Putin’s top technical advisors, described as “painful.”

Borogan said the new firewall will be a drag on Russian businesses. “Experts say that the implementation of the law can slow down the Internet in Russia, which will have a negative effect on the economy.” As the rest of the world races to build networks with higher speeds and lower latency, Russia appears to be going in the opposite direction.

Still, the new firewall may encourage the government, the military, and its hired hackers to launch more, and more disruptive, cyber-attacks.

Said Sherman, “If Russia’s internet is isolated from the global one, it’s also possible that may remove or diminish some disincentives for the Russian government to wreak more havoc on the global network. 

“The state’s manipulation of the Border Gateway Protocol that routes global internet traffic, for instance, might be a more attractive cyber option should Russia know its own systems are insulated from the potential damage.”

DefenseOne

You Might Also Read: 

Russia Will Build A Separate Internet Directory:

China's Great Wall Into Russian Cybersecurity:

 

 

« GCHQ Chief Wants A Big Effort To Improve British Cybersecurity
Cyber Criminals Are Catching Up With Nation-state Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

WhiteHat Security

WhiteHat Security

WhiteHat’s products enable customers to “Hack Yourself First” so that they gain a greater understanding of the actual risk to their business.

Trusted Computing Group

Trusted Computing Group

TCG was formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms.

CloudLayar

CloudLayar

CloudLayar is a cloud-based website firewall for protecting your website against online threats.

TraceSecurity

TraceSecurity

TraceSecurity, a leading pioneer in cloud-based security solutions, provides IT governance, risk and compliance (GRC) management solutions.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

X4 Technology

X4 Technology

X4 Technology is a leader in finding the very best technology talent for some of the world’s most innovative start-ups and globally recognised brands.

Neptune Cyber

Neptune Cyber

Neptune is a cyber security company that works exclusively in the marine sector. Our team combines experts in shipbuilding, maintenance and operations and cyber security testing and design.

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

BOXX Insurance

BOXX Insurance

BOXX Insurance Inc. is a new type of insurance company for a new type of risk. Cyberboxx is the first fully-integrated cybersecurity and insurance solution for small-to-medium-sized businesses.

Dazz

Dazz

Dazz is the cloud security remediation platform for smart security and development teams.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

CryptoNext Security

CryptoNext Security

CryptoNext provides optimal end-to-end post-quantum cybersecurity remediation tools and solutions for IT/OT infrastructures & applications.

Silk Security

Silk Security

Silk is the first platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure and application risk.

Centum Digital

Centum Digital

Centum Digital provide services, products and solutions specialized in communications engineering, control and signal intelligence.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.

Dial A Geek

Dial A Geek

Dial A Geek are a Bristol-based B Corp that provides Managed IT Services to companies of 20+ users. We help businesses with a smart use of tech, including compliance and cybersecurity solutions.