Russian president Vladimir Putin signed the “Sovereign Internet” bill into law yesterday.
The bill is supposed to help protect Russia’s internet infrastructure from being “cut off” by Western powers in the EU and the US. It accomplishes this by forcing Russian internet providers to prefer routing over Russian internet infrastructure and to avoid routing outside of the country if possible.
On the surface, this seems like a semi-reasonable solution to protecting the nation’s interests, after all, an Internet blackout would be chaos in pretty much any modernized country in the digital age. Protecting both your government services and your economy sounds like common sense.
But when we look deeper into recent moves by the Kremlin, the motives appear to be more sinister.
A Path to Oppression
The bill does more than just forcing ISPs to prefer routing within Russia, it also also forces ISPs to only allow Russian DNS services. These two things combined equal a lot more than just stopping the threat of foreign-driven internet outages. It strengthens censorship and intelligence within Russia.
If you control the DNS servers of everyone in the country, you then control the vast majority of what people can see and do by blocking content or redirecting users to sites that better serves the government’s aims. This is a practice that China does regularly with its great firewall.
Furthermore, moving the country away from net neutrality and moving to routing that prefers Russian infrastructure allows the government to better monitor everything that the citizens are doing, because Russian companies then control all of the equipment.
These two things together follow the suspicious pattern that Moscow has been working toward. With the attempt to ban VPN services, this furthers the evidence that the core effort here is to prevent citizens from being able to access content that they don’t want them to see, or to be able to do things outside of the watchful eye of the Kremlin.
The Counterintelligence Link
As most of us have already concluded, Russia has, through the Internet Research Agency (aka the “Troll Farm”) been trying to influence internet communities around the globe politically to further its own goals. There’s evidence of Russian participation in influencing elections all over the west, and in sowing disharmony among friendly nations and neighbors alike by stoking the flames of populism and do as much social damage as possible. So far, it is safe to say that it has been a resounding success.
The moves by Russia to increase control over its own citizens and to filter incoming content into the country look like attempts to prevent the same thing happening to their own society. It is hard to stop outside influence, either the virtuous type criticizing your policies, or the malicious type stoking xenophobia and calling for violence, through the web.
These laws look like they are structured to do just that. The aim is to control what Russian citizens see and hear, and ultimately to isolate their information. It is not much of a reach to call this step one of a “Russian Great Firewall.”
Countermeasures Work, For Now
Russians can still use encrypted DNS or a powerful VPN to cut through much of the blocking and see the rest of the world uncensored. It remains to be seen how much the Russians are willing to commit to technology to fight against their own citizens.
We can only hope that countermeasures stay ahead of the filters when these laws inevitably get more aggressive.
About Derek Zimmer
Derek is a cryptographer, security expert and privacy activist. He has twelve years of security experience and six years of experience designing and implementing privacy systems. He founded the Open Source Technology Improvement Fund (OSTIF) which focuses on creating and improving open-source security solutions through auditing, bug bounties, and resource gathering and management.