On February 13, 2019, the Duma (lower Chamber of the Russian Parliament) has begun to study a draft legislation with the aim to create a “sovereign Internet” in Russia, meaning an ability to function in total independence if Russia was cut from the major global servers. To achieve this, it will be necessary to create an “infrastructure allowing to ensure the functioning of the Russian Internet resources in case of the impossibility for the Russian operators to connect to the foreign sources Internet servers”.
The Internet providers will have to implement systems allowing a “centralized control of the traffic” on their networks.
The measures proposed would allow the Russian Internet (RuNet) to ensure that the Russian part of the Internet functions efficiently. In other words, the test will allow Russia to ensure that its domestic networks can operate in full autonomy.
A response to the penalty threats?
If Russia talks about an assurance for a maintained local availability, particularly in case of a large-scale cyberattack, this draft legislation is also and clearly presented as a response to the “aggressive nature of the new American cybersecurity strategy adopted in September 2018” [mentioning Russia as a threat]. Indeed, Russia is the object of many accusations regarding cyberattacks and cyber espionage (disruptions of the American presidential elections in 2016 -exhortation of Stuart Peach, Chief of the UK Defence staff in NATO, to take measures against Russia in December 2017, after the Russian submarines were detected near the Atlantic submarine cables, which carry the communications between Europe and the USA – in January 2018, the Minister of UK Defence, Gavin Williamson, also accuses Russia of spying the critical infrastructure of his country with the aim to create a “total chaos” which could “result in thousands and thousands of deaths”, etc). NATO and its allies have then threatened to punish Russia for these cyberattacks.
It’s in this context that Russia is planning a full-scale test of disconnection of the global Internet network.
A full-scale test
For several years, this test has been prepared by Russian authorities, who planned a DNS local backup (tested in 2014 and in 2018).
Indeed, the law plans the creation of Russia’s internal DNS system, which would ensure the link between web address and IP address of the corresponding web servers, without resting on the root servers of the global Internet.
Validated by president Poutine, the draft legislation has all its chances to be quickly adopted despite the reluctance of some branches of the government because of the potential expenses entailed. On the Russian Internet providers’ side, they seem to agree with the draft legislation, as mentioned in the Russian press, but to this date, they do not validate its technical implementation, which could create important disturbances and other traffic disruptions in Russia.
Of course, it is easy to see that this experience will simultaneously test the Internet providers‘ ability to direct data towards routing points controlled by the Russian government, since a filter would be implemented to stop the flow of data towards foreign servers.
Would Russia move towards a system of traffic filtering, beyond ensuring a national intranet that maintains an operational connection inside the borders even in case of a massive cyberattack? It is reminiscent of the significant Chinese firewall (Internet monitoring and censorship project managed by the Ministry of Public Security of the People’s Republic of China, initiated in 1998 and of which activities began in November 2003).
The Russian test could happen on the 1st of April 2019. To be continued.