The Russian Federation is currently pursuing a radical transformation to internet connectivity within the country. RuNet 2020 is an ambitious project to establish a national government-controlled network which is intended to function in an insulated environment from the broader internet in the event of a crisis.
Having the ability to function when disconnected from the global network could secure Russian critical infrastructure from external threats and provide additional, operational advantages to the country in the offensive cyber domain. However, the potential ramifications of digital sovereignty could prove damaging to the Russian economy and rally citizens back to the streets of Moscow in protest.
In any case, if the RuNet 2020 initiative is successfully implemented, it is likely to reshape the cyber security landscape beyond Russia. This blog post will review the origins and practicalities of the upcoming digital developments in the country.
RuNet (Russian internet) refers to the Russian-language segment of the internet, encompassing the country-code domains .ru and .рф. The volume of internet users within the Russian Federation has rapidly expanded from approximately 43% of the population in 2010, to 73% by 2016. According to W3Techs, the Russian Cyrillic script is recorded to be the second most common to appear within website content. RuNet is well established, although there are still many areas outside of metropolitan Russia that lack sufficient internet coverage. Some of the more popular services on RuNet include the mail providers Yandex and Mail.ru, news sites like Gazeta.ru, as well as the social media platforms VKontakte (VK) and Odnoklassniki.
Explorers of RuNet underground forums can attest that the Russian authorities have long overlooked the hive of illicit activity that occurs on Russian bullet-proof hosted sites. Black markets featuring stolen credit card details, database dumps, exploit kits and pirated material, among many other illegal items, are particularly prevalent on Russian-language clear and dark web forums.
Sale of a Saiga-12K Shotgun on the RuTor Dark Web forum
Paradoxically, it is not the vast underground network of criminal activity on RuNet that is prompting the Russian government to implement changes to the handling of the national network. In fact, despite the passage of numerous internet restrictions in the country, the platforms for cyber-criminal activity continue to thrive.
The Information Security Doctrine
Russian government ministries have been contemplating the possibility of the country becoming isolated from the global internet for some time. In September 2014, the Russian newspaper Vedomosti reported that the Russian Ministry of Communications had conducted an exercise to identify vulnerabilities associated with RuNet. The Russian Security Council determined that RuNet could be disconnected from the broader internet as an emergency course of action, particularly in the event of external international pressure.
In December 2016, President Vladimir Putin approved a strategic plan entitled the ‘Doctrine of Information Security of the Russian Federation’ (Доктрина информационной безопасности Российской Федерации). Akin to many other recent Russian national security documents, the Information Security Doctrine asserts that modern information technologies are integral to national progress, although the free exchange of information should be controlled to reduce threats to Russian national security and traditional values. A clause in the document (29e.) conveys that the development of a national network for the Russian internet segment will ensure information security in the field of strategic stability.
Russia has also outlaid concurrent plans to establish a closed network between countries within the BRICS partnership (Brazil, Russia, India, China and South Africa). In November 2017, the Security Council of Russia agreed to the proposal to create an alternative network that would only be accessible to the BRICS nations. The system would involve backup root DNS servers located in the BRICs countries, independent to those managed by the ICANN organisation. Russian officials have previously expressed concerns over the potential for the United States government to interfere with domain information held by ICANN/IANA (IANA had been strongly linked to the US Department of Commerce until October 2016) .
The plan to transform RuNet into an isolated national network by 2020 follows similar initiatives to establish independent systems within the country. In October 2016, the Russian classified military network was implemented. The Russian Closed Data Transfer Segment is intended to be more secure than the United States military SIPRNET and only features physical components that have been manufactured within the country.
Prominent independent systems have also been established within the Russian financial services sector. The ‘System for Transfer of Financial Messages’ (SPFS) is a Russian alternative to the SWIFT banking network. In January 2016, it was reported that 330 Russian banks had been connected to the substitute SWIFT platform. Similarly, the new ‘MIR’ card national payment system was founded in July 2015. The payment system currently operates in conjunction with certain international money transfer services and is designed in order that ‘no external economic and political factors’ can influence the processing of Mir card transactions.
Establishing secure indigenous networks constitutes a step towards the wider objective of protecting Russian national interests and state sovereignty. Another aspect pursued by the Russian government includes the implementation of successive internet regulations to counter domestic opposition to the Kremlin. In response to major demonstrations concerning alleged vote rigging during the Presidential elections in 2011, multiple internet controls were enacted including the ‘Internet blacklist law’ and so-called ‘bloggers law’. The laws were ostensibly passed to create a safer online space, although sites belonging to political opponents and activists have been blocked.
Internet regulations have also been enacted to reduce the potential influence from foreign entities. President Putin has previously expressed distrust for global connectivity, describing the internet as a ‘CIA Project’. Recently, the Russian communications regulator Roskomnadzor directed Internet Service Providers to block the Telegram encrypted messaging application after the company refused to provide backdoor access to the Russian security services. Over 1.8 million I.P addresses were blocked which disrupted many unrelated online services, primarily those hosted by Google and Amazon servers (through which Telegram had been routing traffic via a domain fronting technique).
Sealing the borders
Although the Russian Federation has already implemented numerous internet regulations, none are perhaps as complicated as establishing a closed national network. This involves the planned duplication of 99% of critical internet infrastructure in Russia. It was reported that by 2016, 40% of the routing infrastructure would be functional. A register of all companies that hold internet critical infrastructure was approved in January 2017. The exact degree of current progress towards the development of RuNet 2020 is uncertain given the scale of the project.
According to a report by IEEE Spectrum, an official from ICANN indicated that the independent national network in Russia is a feasible project, although the country would have to implement a name space to organise the hierarchy of internet traffic, establish a root server to handle queries and configure existing traffic exchange points. In practice, this should be a relatively straightforward task for state assets to accomplish.
However, the main challenge will involve convincing the populace and any foreign companies that do business in, or trade with the country to adopt Russia’s alternative network. The recent mass protests concerning the banning of Telegram demonstrate that there is sustained opposition to internet regulations within Russia. It is likely that many citizens would attempt to circumvent the closed RuNet, for instance by utilising VPN or proxy services instead. There is also the realistic possibility that the closed network would deter foreign firms from operating and investing in Russia, which could be costly to the Russian economy.
Sceptics refute that the RuNet 2020 project will ever be implemented in full. One compelling counter-argument conveys that it is almost impossible for the nation to be entirely disconnected from the global network. In practice, any alteration of the root zone entries retained by all 13 registry operators in the United States is both legally and politically unviable. Instead, Russia is effectively establishing a set of backup root name servers to store country-code domain information. In fact, there are already multiple root name servers based in Russia. This suggests the claims that Russia will be able to disconnect from the global network are overexaggerated.
Nonetheless, officials within the Russian Federation are evidently aiming to fulfil a vision to transform the country within the field of information security. The RuNet 2020 initiative is likely to be a precursor for further measures to exert ever-increasing control over the digital information space. Regardless of the outcome of RuNet 2020, it will almost certainly influence the development of cyber security strategy within other nations which may seek to increase control over their populations whilst claiming to combat the perceived US hegemony of global internet governance.
RuNet in 2020 – What has changed?
Over the last two years, there have been significant developments in the road towards an independent Russian internet. The Russian government has introduced further measures to control internet usage across the country, although the national infrastructure continues to be connected to the outside world.
In November 2019, the “Sovereign Internet” legislation came into effect, amending previous federal laws. This permits Roskomnadzor to take control of the network in the event of a national emergency and requires network operators to install deep packet inspection (DPI) devices. It also states that the national domain space would be implemented in January 2021. This constitutes a direct step towards the closed national network.
During this period, the Russian government has continued to tighten internet restrictions. Mobile internet services were taken offline for the duration of protests in Ingushetia (October 2018) and Moscow (August 2019). The list of domains blocked by Roskomnadzor has also expanded. Major protests occurred in March 2019 in opposition to the new internet legislation.
There have been further plans to promote the uptake of Russian technology as the country separates from the global network. This includes a law requiring Russian software to be installed on all computer equipment and mobile devices sold in the country that will be implemented in January 2021. The Russian government has also dedicated over 1.7 billion Roubles to develop a national encyclopaedia equivalent to Wikipedia.
The Russian Ministry of Communications announced that successful tests were performed on the closed national network in December 2019. At this stage, there is limited public information about the network tests or the current status of RuNet. While in practice, the closed national network may never be fully implemented, the Russian government has established significant controls over internet activity which will almost certainly influence policymakers in other countries.
Find out more about our cyber intelligence services
Subscribe to receive free updates
If you'd like to be kept updated on our blog, why not subscribe?
We will never give away, trade or sell your email address. You can unsubscribe at any time.