Russia’s Attack On Web Freedom

Two years have passed since Edward Snowden exited Moscow’s Sheremetyevo airport and began a new life in exile. His revelations of hitherto unknown US and UK programmes of mass surveillance initiated a global debate, and some minor reforms. 

President Obama vowed to stop spying on Angela Merkel and other friendly western leaders. But what happened in Russia, the host country where Snowden now appears to be indefinitely stuck?

The answer is a dispiriting one, at least according to Andrei Soldatov and Irina Borogan, two brave Moscow-based journalists who have followed the development of the Russian internet since its earliest days. The timing of Snowden’s arrival in Russia in summer 2013 was lousy, they write. The Kremlin was in the middle of a large-scale offensive against internet freedoms.

Russia’s spy agencies have the ability to snoop on emails via Sorm, a sophisticated system first developed by the KGB to eavesdrop on phone calls. 

The FSB’s (Federal Security Service) legal powers go well beyond those of the US National Security Agency or GCHQ. Russian internet service providers are obliged to install Sorm black boxes; they have no clue as to what Russian intelligence agents choose to intercept.

Soldatov and Borogan argue that what troubles Vladimir Putin is that the servers of big global platforms such as Facebook and Twitter are located in the US. Russia’s president takes a dim view of the Internet, which he personally doesn’t use. 

In 2014 he dubbed it a “CIA project”. The challenge for the Russian authorities, as they saw it, was to force these US-hosted platforms to relocate their servers to Russian territory. There, of course, the state could control them.

Soldatov and Borogan are Russia’s foremost experts on Putin’s security services and the founders of the website Agentura.ru. At a time when investigative journalism is practically extinct in Russia they have courageously kept going. 

The Red Web is a masterful account of the struggle between two opposing forces, the Kremlin and its longstanding desire to control information versus the unruly and horizontally mediated world of ordinary digital citizens.

Soldatov and Borogan argue that Snowden’s unexpected presence in Moscow, he was trying to get to Latin America, was a gift to the Kremlin. Snowden might have hoped that his revelations would trigger a debate inside Russia over domestic Internet surveillance, and its limits, as they had in most of the western world. (The exception is Britain, where details of the government’s mass data-scooping were met with a yawn.)

Instead, the Russian authorities gleefully used Snowden and his leaks as a pretext to roll out new repressive measures. Russia’s federal agency for supervising communications, Roskomnadzor, blacklisted sites under a deliberately fuzzy law prohibiting “extremism”. Bloggers with more than 3,000 followers were forced to register with the government. Independent news portals, including one run by former chess champion Garry Kasparov, were banned. All this was done under the banner of “digital sovereignty”.

Meanwhile, Sorm was beefed up. Another law compelled phone companies and internet providers to keep data for 12 hours, so the state might examine it. The FSB got a new and powerful weapon too: deep packet inspection or DPI. This allows the agency to read everyone’s emails and to weed out websites belonging to those it deems to be politically unacceptable.

Moscow turned up the heat up on foreign platforms too. Soon after Putin seized Crimea, it asked Twitter to close the account of the far-right Ukrainian party, Pravy Sektor. Twitter complied. The response generally from western tech giants to the Kremlin’s onslaught against free speech was remarkably spineless. Google, Twitter and Facebook all scurried to Moscow to meet with government representatives.

Soldatov and Borogan are scathing about Snowden’s response to all this. Apart from one question to Putin during a 2014 televised phone-in, when he asked about Russia’s surveillance practices, Snowden has been silent. He doesn’t comment on Russian affairs. He gives interviews to visiting Americans and others, but won’t meet Russian reporters or Moscow-based foreign correspondents. Soldatov and Borogan tried to see him and failed.

In Snowden’s defence, his reluctance to criticise the Kremlin is understandable: he is a man with few options. Negotiations to cut a deal with the US administration petered out some time ago, and if he returns home Snowden faces espionage charges that don’t allow him a public-interest defence. 

One suspects he would like to say more about Russia’s Internet clampdown. And Snowden is this century’s most important whistleblower, not a Russian agent, as his lazier critics have claimed.
Still, Soldatov and Borogan suggest he has failed to rise to the challenges of his situation. Snowden is fond of quoting the UN declaration of human rights, they note, but ended up in a country with a miserable human rights record. 

For months, they add, he pretended he wasn’t in Russia “but just somewhere”. In the words of Stas Kozlovsky, the leader of Russia’s Wikipedia community, which were said in sorrow not anger: “Snowden could have done good things globally, but for Russia he was a disaster.”

Since Putin’s undercover invasion of eastern Ukraine the attack on the country’s independent media, what’s left of it, has got worse. The Kremlin uses an array of methods. They include denial-of-service attacks against opposition websites, and an army of paid “trolls” who post pro-Putin comments on Russian and western news outlets, including the Guardian. The trolls sit in a comfortable glass office in St Petersburg. They earn $900 a month, the authors report.

In recent months, Russia’s two homegrown internet giants – the search engine Yandex and social networking site VKontakte – have come under pressure. VKontakte’s founder Pavel Durov fled after two Kremlin-friendly billionaires bounced him from the company. Another oligarch, Alexander Mamut, fired the editor of the website Lenta.ru after it carried an interview with a Ukrainian nationalist leader. (Mamut owns the Waterstones bookshop chain and has a son at a British boarding school.)

The Russian state doesn’t always prevail, though. Predictably, Roskomnadzor banned a blog by the anti-corruption campaigner Alexei Navalny. A computer geek called Ruslan Leviev found a technical way of outwitting this censorship, and Navalny’s journal remains online. Putin insists Russian troops are not fighting in Ukraine; investigative journalists didn’t puncture the lie – rather, it was Russian soldiers who exposed it by posting photos of themselves on VKontakte.

Soldatov and Borogan’s previous book, The New Nobility, is a lucid study of how the FSB became Russia’s pre-eminent institution. The Red Web is good at tracing how the spy agency’s modern tools of digital repression build directly on technologies devised and perfected, often with extraordinary creative skill, during the long KGB era. For example, the KGB set up secret acoustic laboratories dedicated to creating a secure telephone system. 

They also pioneered technologies that allowed its spies to recognise the identity of a speaker on the phone. This clandestine science got its own name: phonoscopy.

The KGB’s efforts to keep a lid on information were extensive, with paranoia never far away. In 1952 a young physicist called Vladimir Fridkin developed the Soviet Union’s first photocopier. Five years later he was forced to destroy it, after the KGB twigged it might be used to reproduce forbidden journals.

The Red Web is part detective story, as Soldatov and Borogan track down former KGB operatives and persuade them to talk. They meet a woman “controller” whose job it was to sit for hours in front of a whirring tape machine in one of the KGB’s gloomy secret recording studios. This was tedious work and, as espionage goes, not terribly efficient: Soviet phone lines were often poor and it took hours for the controllers to transcribe what they had heard. The Kremlin’s instincts were totalitarian; reality was messy and incomplete.

Few of those involved in spying on their fellow citizens, express regret. The journalists meet an ex-KGB engineer who, after the fall of the Soviet Union, set up a private company specialising in speech recognition. The firm flogs its technology to the FSB and to despotic regimes around the world, where it is used to catch dissidents. Asked if he had any qualms, the engineer shrugged: “We just come up with the hardware.”

Guardian:          Russia To Block LinkedIn:          For Russian journalists fighting hacks is part of the job:
 

 

« US And UK Agree To Take On Islamic State In Cyberspace
Lloyds Bank Cyber Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Zayo

Zayo

Zayo is a leading global bandwidth infrastructure services provider for high-performance connectivity, secure colocation and flexible cloud services.

F-Secure

F-Secure

F-Secure defends enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks.

CNCERT/CC

CNCERT/CC

CNCERT is the national Computer Network Emergency Response Technical Team / Coordination Center of China.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

Arthur J Gallagher & Co

Arthur J Gallagher & Co

Arthur J. Gallagher & Co. is a global insurance brokerage and risk management services firm. Services include Cyber Liability insurance.

Secret Double Octopus

Secret Double Octopus

Secret Double Octopus offers the world’s only keyless multi-shield authentication technology for users and things.

Wüpper Management Consulting (WMC)

Wüpper Management Consulting (WMC)

Specialized in compliance, risk management and holistic information security WMC GmbH has longtime implementation experience in global projects.

Beosin

Beosin

Beosin is a blockchain security company providing cybersecurity services including security audits, on-chain asset investigation, threat intelligence and wallet security.

Rizikon Assurance

Rizikon Assurance

Rizikon Assurance is an Online System that improves Third-Party Assurance and Risk Management, through efficiency, automation and better visibility.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

Active Countermeasures

Active Countermeasures

Active Countermeasures believe in giving back to the security community. We do this through free training, thought leadership, and both open source and affordable commercial tools.

Infinite Ranges

Infinite Ranges

Infinite Ranges delivers secure, comprehensive digital solutions by connecting experts with the best products and services for the digital age.

VikingCloud

VikingCloud

VikingCloud (formerly Sysnet Global Solutions) offers organizations an integrated cybersecurity and compliance solution to make informed, predictive, and cost-effective risk mitigation and prevention

SecureTech360

SecureTech360

SecureTech360 is a cybersecurity and IT consulting firm whose principals have extensive experience in Cybersecurity and Information Technology.

Nine23

Nine23

Nine23 are a highly focused cyber security solutions company that defines, builds and manages innovative services, enabling end-users to use technology securely in today’s workplace.

CSIOS Corp.

CSIOS Corp.

At CSIOS we help our customers achieve and sustain information and cyberspace superiority through a full range of defensive and offensive cyberspace operations and cybersecurity consulting services.