Russia Plans To Monitor Internet Access

Uploaded on 2019-05-02 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law, TECHNOLOGY-Key Areas-Social Media

The Russian government is one step away from essentially cutting its population off from the global Internet. 

The controversial “sovereign Internet law” passed recently by the legislature’s upper house needs only President Vladimir Putin’s signature to require online traffic to pass through servers run by the government’s Internet regulation agency by 2021, allowing the Kremlin to much better observe and control what Russian citizens are doing. 

Putin has long talked up the idea of a firewalled Russian Internet, claiming that his government needs a better defense against cyber-attacks from the West.

“But it’s more likely motivated by the Kremlin’s desire to control the flow of information online,” said Justin Sherman, Cybersecurity Policy Fellow at New America.

The move is not popular among Russians concerned about freedom of expression, notes Irina Borogan, deputy editor of Agentura.Ru, an independent Russian news site.

“There is a lot of protests against the law. Activists, some politicians and Internet users openly expressed their outrage,” Borogan said. “But main local telecoms supported the law because the Kremlin promised not to charge them for the black boxes.”

The new law is the latest and most far-reaching legal action to limit Russians’ ability to interact with the outside world. Earlier such moves curbed access to Western social media services such as Linkedin and messaging services such as Zello. In 2016, when Russia was exchanging encrypted messages with Julian Assange and Wikileaks in a bid to undermine the US election, Russian lawmakers authorised the government to read encrypted messages and save message content from Russian citizens for six months.

The new sovereign Internet law also requires internet service providers to use Russia’s internal domain name service. This will allow the government, for example, to redirect searches from independent news organisations to pro-government websites.

“Ultimately, this boils down to the fact that the Russian government, its military, and its security services regard the population’s unrestricted Internet, social media, and mobile access as a significant vulnerability in what they see as future Western efforts to launch information and cyber ops against the state in order to disorient, confuse and otherwise divide the population and the government,” said Samuel Bendett, research analyst with the Center for Naval Analyses’ International Affairs Group

“Therefore, monitoring user content and recording user information is seen as pivotal in such a defensive effort.”

“The Russian government saw what such free information access can do in other countries, and defensive information operations is now part of the defense strategy,” Bendett said. “Therefore, access to user data is seen as key in preventing what Moscow sees as Western efforts to ferment some kind of ‘color revolution’ in the country.”

The NGO Human Rights Watch issued the following statement: “These proposals are very broad, overly vague, and vest in the government unlimited and opaque discretion to define threats. They carry serious risks to the security and safety of commercial and private users and undermine the right to freedom of expression, access to information and media freedom.”

Last year, the Russian government was working on a related project: setting up an intranet for its own use, a project that Herman Klimenko, one of Putin’s top technical advisors, described as “painful.”

Borogan said the new firewall will be a drag on Russian businesses. “Experts say that the implementation of the law can slow down the Internet in Russia, which will have a negative effect on the economy.” As the rest of the world races to build networks with higher speeds and lower latency, Russia appears to be going in the opposite direction.

Still, the new firewall may encourage the government, the military, and its hired hackers to launch more, and more disruptive, cyber-attacks.

Said Sherman, “If Russia’s internet is isolated from the global one, it’s also possible that may remove or diminish some disincentives for the Russian government to wreak more havoc on the global network. 

“The state’s manipulation of the Border Gateway Protocol that routes global internet traffic, for instance, might be a more attractive cyber option should Russia know its own systems are insulated from the potential damage.”

DefenseOne

You Might Also Read: 

Russia Will Build A Separate Internet Directory:

China's Great Wall Into Russian Cybersecurity:

 

 

« GCHQ Chief Wants A Big Effort To Improve British Cybersecurity
Cyber Criminals Are Catching Up With Nation-state Hackers »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ExaGrid Systems

ExaGrid Systems

ExaGrid provides Tiered Backup Storage with a unique disk-cache Landing Zone, long-term retention repository, and scale-out architecture.

Fortinet

Fortinet

Fortinet is a provider of network security systems. Our products provide protection against dynamic security threats while simplifying the IT security infrastructure.

Brainwave GRC

Brainwave GRC

Brainwave GRC is a leading European software provider focused on Identity Analytics and intelligence to strengthen IT security and compliance.

Exida

Exida

Exida is a leading product certification and knowledge company specializing in industrial automation system safety, security, and availability.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

Egyptian Supreme Cybersecurity Council (ESCC)

Egyptian Supreme Cybersecurity Council (ESCC)

ESCC is responsible for developing a national strategy to face and respond to the cyber threats and attacks and to oversee its implementation and update.

Singular Security

Singular Security

Singular Security help public and private organizations minimize cybersecurity risk and pass their IT compliance audit.

Recon InfoSec

Recon InfoSec

The Recon InfoSec team includes analysts, architects, engineers, intrusion specialists, penetration testers, and operations experts.

Primary Guard

Primary Guard

Primary Guard provides IT solutions and computing technologies that help minimize impact from cyber threats, improve business efficiency and maintain essential functions during or after a disaster.

Anjuna Security

Anjuna Security

Software from Anjuna Security effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.

Exiger

Exiger

Exiger is revolutionizing the way corporations, government agencies and banks navigate risk and compliance in their third-parties, supply chains and customers.

Digital.ai

Digital.ai

Digital.ai empowers organizations to scale software development teams, continuously deliver software with greater quality and security.

SecureCyber

SecureCyber

Secure Cyber Defense offers industry-leading technology and managed detection and response solutions.

Zyxel Networks

Zyxel Networks

Zyxel Networks is a leading provider of secure, AI-powered networking solutions for small to medium businesses (SMBs) and the enterprise edge.

Codacy

Codacy

Codacy is a developer-first, API-driven platform that provides a curated collection of best-in-class code analysis, security, coverage, and engineering performance tools.