Another Brick In The Great Kremlin Firewall: Mass Internet Outages Part Of ‘Sovereign Internet’ – Analysis

By

By Mike Eckel

(RFE/RL) — How bad was the outage that cascaded across Russia’s Internet on the evening of January 30?

At one point, Yandex, the country’s largest search engine — known as the country’s own Google, for its dominance within Russia — was down along with dozens if not scores of the country’s biggest and best-known Internet companies. Even popular website www.сбой.рф, which is dedicated to tracking Internet outages, also went down.

For roughly two hours, Russia experienced an outage that activists and experts said was among the most widespread and far-reaching disruptions the country’s once-freewheeling Internet has ever experienced.

Not since 2018, when regulators tried to cut off access to the widely used messaging platform Telegram and ended up blocking millions of web addresses, or 2021, when “equipment failure” at the state telecom provider sparked wide outages including of the Kremlin website, has Russia’s Internet experienced a disruption as sweeping as this.

“There has been a momentary bump in Russia’s shift toward a more isolated network environment,” said Isik Mater, director of research, at NetBlocks, a private, U.K.-based watchdog that monitors Internet governance around the world.

For years, Russian regulators have gradually built up the legal and technical infrastructure with the ultimate aim of being able to monitor and control the Russian Internet, commonly known as the RuNet.

Some of the efforts have been geared toward reining in the country’s biggest web companies. A marquee company whose shares traded on the NASDAQ stock exchange, Yandex has been hobbled by government interference over how it guides Russians searching for news or information about the Ukraine war. The company is on the verge of a major reorganization that essentially will split it up.

Other major web companies like VK, Russia’s equivalent to Facebook, have been folded into companies controlled by Kremlin-allied oligarchs or state-owned companies. Authorities appear to be moving to create a “super app” that would nudge Russians into using a single application for a range of online activities such as chatting, paying taxes, searching for romantic partners, and paying traffic fines.

On the hardware side, authorities, led by the state Internet regulator Roskomnadzor, have worked since the 1990s to build and refine a network of devices, servers, and Internet traffic monitors, something known as the System for Operative Search Activities.

Known by the Russian acronym SORM, the system involves mandatory installation of special devices by all Internet service providers, enabling the country’s primary domestic intelligence agency, the Federal Security Service, to vacuum up and monitor anything floating around the RuNet.

In the mid-2010s, the Kremlin-controlled parliament passed a series of lawsrequiring major Internet companies like Google, Facebook, and Apple to house their servers on Russian territory, making it easier for authorities to control or monitor traffic. Many of the companies ended up pulling out of Russia.

The system was expanded and advanced over subsequent years, making it easier for the state to thwart various privacy security or encryption measures. Developments also included things like “deep packet inspection,” which allows for monitoring technical data and network information.

It hasn’t always worked very well.

In 2018, Roskomnadzor targeted Telegram, the messaging app that is widely used in Russia and the region. The popularity of the app and its reputation for strong encryption has made it a target of the intelligence agencies, who want to be able to monitor communications and identify users.

But the effort ended up also blocking millions of web addresses — which are technically known as Internet Protocol — housed on cloud computing services provided by Amazon and Google. It disrupted myriad online business and services.

In 2019, lawmakers passed more amendments that, among other things, broadened Roskomnadzor’s ability to blacklist and block websites and go after tools — called virtual private networks, or VPNs — that help people get around blockages and shield a user’s identity and location. The effort was dubbed the “sovereign Internet” law.

It also broadened Roskomnadzor’s ability to slow down, or “throttle,” data flowing to and from websites or apps, making them nearly impossible to access. And it set up a specialized entity within Roskomnadzor charged with searching for online threats.

In March 2021, regulators throttled social media giant Twitter, now known as X, after the company refused to take down posts Roskomnadzor deemed in violation of regulations. It was the “first ever use of large-scale targeted throttling for censorship purposes,” according to a paper by U.S. and Russian academics.

The effort backfired, however, when Internet users across Russia complained that a large number of sites, including the Kremlin’s main website and other government pages, had stopped working. The Communications Ministry blamed “equipment failure.”

‘Who Deleted The RuNet’s Address Book?’

The 2019 sovereign Internet law also provided for the establishment of a Russian domain name system, known by its acronym DNS.

Widely known as the “phonebook” or “address book” of the Internet, the DNS operates when a person who types a web address into a browser to load a web page. The browser then translates the letters in that address into an alphanumeric Internet Protocol number that connects to the server or the computers that quickly work to load the page.

Since the early years of the Internet, the DNS has been overseen by a nongovernmental organization based in the U.S. state of California called the Internet Corporation for Assigned Names and Numbers, or ICANN.

That has long grated on the Russian authorities. Some, including President Vladimir Putin, have embraced conspiracy theories that the Internet is a project controlled by the Central Intelligence Agency.

For that reason, Russian regulators have sought to build their own national domain name system, which could be more easily monitored and controlled by the government.

Beginning around 6 p.m. Moscow time on January 30, websites began to fail for users in and out of the country. Aside from Yandex, the country’s three main cellular service providers — MTS, Beeline, and Megafon — saw outages. So did state-owned banks like Sberbank and VTB, online retailers Ozon and Wildberries, and classified-advertising giant Avito.

Some hours later, the Digital Development Ministry said in a statement that “a technical problem” had affected the .ru domain and its Cyrillic equivalent .рф. Those are the suffixes at the end of most Russian web addresses, like Kremlin.ru. The problem involved a set of extensions that protects the DNS from being hacked or tampered with, the ministry said.

That explanation was echoed by the Internet rights group Network Freedoms, which asked in post to Telegram: “Who Deleted The RuNet’s Address Book?”

“It appears that experiments are continuing with the creation of a national domain name service,” the group said. “Russian authorities have long warned that they would try to transfer all users in the country to a national DNS server. This is probably what is happening now with a lot of sites in the .ru zone.”

The outages lasted approximately two hours, according to the ministry and Internet experts.

‘Any Politically Opportune Moment’

The outages this week were preceded by a more localized outage last week that affected Telegram, WhatsApp, and Viber, all of which are in wide use in Russia. In Bashkortostan, a central Russian region that saw a wave of local protests earlier this month over the jailing of a Bashkir activist, WhatsApp and Telegram were unavailable for days.

Some activists have pegged the disruptions to heightened concerns by authorities in the run-up to the March presidential election, in which Putin is expected to easily win a fifth term in office.

“Authorities can apply these sorts of blockages at any politically opportune moment,” Artyom Kozlyuk, head of the watchdog group Roskomsvoboda, said following the January 24 disruptions.

“Most likely, such shutdowns (of both individual services and the entire Internet) will be local: in a specific city, district, maybe region,” he said. “But they are unlikely to be long-term. Prolonged, large-scale shutdowns would already have economic and social consequences.”

“My hypothesis is that this is connected to the madhouse that is now going on in Roskomnadzor,” said Mikhail Klimaryov, who heads a nonprofit called the Internet Protection Society. “They are trying to force all users into the so-called national domain name system. What is this exactly? I still don’t fully understand why it’s needed.

“Apparently, they wanted a sovereign Runet, and they ended up with sovereign RuNet,” he told Current Time. “What they wanted to do, they ended up getting.”

  • Mike Eckel is a senior correspondent reporting on political and economic developments in Russia, Ukraine, and around the former Soviet Union, as well as news involving cybercrime and espionage. He’s reported on the ground on Russia’s invasion of Ukraine, the wars in Chechnya and Georgia, and the 2004 Beslan hostage crisis, as well as the annexation of Crimea in 2014.

RFE RL

RFE/RL journalists report the news in 21 countries where a free press is banned by the government or not fully established.

Leave a Reply

Your email address will not be published. Required fields are marked *