RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2024/09/10 13:52:53

Autonomous Sovereign Internet in Russia

Content

Main article: Runet

2024

Roskomnadzor creates its own infrastructure to check the routing of IP addresses

Roskomnadzor is creating its own infrastructure to check the routing of IP addresses in order to strengthen the protection of the Runet from cyber attacks. This decision, announced as part of the Telecommunications Industry Development Strategy until 2035, is aimed at improving the security of the Russian segment of the Internet and combating threats of data interception. Such data were November 5, 2024.

According to CNews, Roskomnadzor intends to introduce infrastructure for the implementation of the RPKI (Resource Public Key Infrastructure) protocol, which will protect IP address routes from theft and manipulation. RPKI is an extension of the Border Gateway Protocol (BGP), which is responsible for dynamic routing on the Internet. The main goal of this project is to create a system for validating IP address routes, which will reduce the risks of cyber attacks and increase the overall reliability of the national Internet segment.

Roskomnadzor is creating its infrastructure to check the routing of IP addresses to protect the Runet from cyber attacks

In Europe, the routing validation functions are performed by the RIPE NCC Regional Internet Registrar, which is responsible for issuing and verifying certificates. In Russia, Roskomnadzor intends to take on this role. According to Dmitry Burkov, head of the Fund for Assistance to the Development of Internet Technologies and Infrastructure, the creation of such an infrastructure has been overdue for a long time, since the BGP protocol does not provide sufficient protection against route interception. Burkov stressed that the deployment of infrastructure requires significant technical efforts and funding, but even minimal implementation within the country will already significantly increase the level of data transfer security.

RPKI allows you to verify routing through cryptographic certificates, which helps prevent unauthorized changes to routing tables. Each autonomous system (ASN) that has unique numbers declares prefixes over which data can be transmitted. The main problem is that attackers can declare more specific prefixes and redirect traffic through their networks. The RPKI infrastructure must neutralize such threats by ensuring that routes are legitimate through cryptographic certificates.[1]

Roskomnadzor will update the site blocking system for 59 billion rubles

Roskomnadzor plans to spend about ₽59 billion to modernize the blocking system of Internet resources in. Russia This became known in September 2024. This amount will be allocated within the framework of the federal project "Infrastructure," cyber security which is part of the national project. "Data Economics and Digital Transformation of the State" As follows from the documents, funds will be directed to technical means of countering threats installed on the networks of telecom operators.

According to Forbes, Roskomnadzor intends to update existing technical means of countering threats and install new ones during 2025-2030. It is planned to increase the system bandwidth to 725.6 Tbit/s, which will increase the efficiency of blocking VPN services by up to 96%. As part of the upgrade, new hardware and software will also be purchased, as well as new signatures developed to identify suspicious activities on the network, including bypass locks. Oleg Terlyakov, Deputy Head of Roskomnadzor, has been appointed responsible for the project.

Roskomnadzor is modernizing its system for blocking Internet resources for 59 billion rubles

The system of technical means of countering threats has been introduced in the framework of the law "On Sovereign Runet," which obliges telecom operators to filter all Internet traffic. Earlier, the head of Roskomnadzor, Andrei Lipov, said that the Russian segment of the Internet is fully equipped with technical means to counter threats. Carriers, however, refer to these systems as "black boxes" because they do not have access to information about what happens to traffic on their networks.

The main contractor for the implementation of technical means of countering threats is RDP.ru, which is engaged in the supply of equipment and software for Roskomnadzor.[2]

Control over the content of the Runet transferred to the Prosecutor General's Office

On the website of the publication of regulatory acts on August 8, the text of federal law[3]" On Amendments to the Federal Law "On Information, information technologies and information protection "and certain legislative acts of the Russian Federation," which in the blogosphere was called the law "on trash streams." However, it is not only about expanding the concept of prohibited information to such streams, but, rather, about tightening control over the content of the Runet. Moreover, all changes provided for in the law come into effect immediately after its publication, that is, from August 8, 2024.

Law No. 216-FZ was adopted by the State Duma, the Federation Council and the President of the Russian Federation as soon as possible

The text of the law clarifies the concept of prohibited information, which is spelled out both in the "three-chapter" law No. 149-FZ and in the law No. 436-FZ "On the protection of children from information harmful to their health and development." In particular, the following was added to the definition of prohibited information: "insulting human dignity and public morality, expressing obvious disrespect for society, containing an image of actions with signs of unlawful, including violent, and disseminated from hooligan, selfish or other base motives."

Actually, this is stated on only a few pages of the adopted document. However, the punishment for the dissemination of prohibited information (a fine of up to 1 million rubles) and more accurate legal formulations for "trash" are specified in the next law No. 217-FZ, which amends the Administrative Code.

In the very law No. 216-FZ, the remaining 30 pages are devoted to how exactly this information will be blocked. And for this, significant amendments are made to Law No. 126-FZ "On Communications." It, in particular, creates a new article 65.2. "Management of communication networks on the basis of the requirement of the Prosecutor General of the Russian Federation or his deputies," which gives the Prosecutor General's Office of the Russian Federation the right to demand from Roskomnadzor direct control of the public communication network. That is, to prohibit access to Internet sites containing prohibited information, the number of requirements for the installation of technical means of countering threats (TSPU) is greatly increasing. They just allow you to filter prohibited information, so TSPUs are often called Deep Packet Inspection (DPI) deep filtering systems.

In addition, the published document completely replaced the articles of the law "On Communications," which determine the licensing of this activity. In particular, they require for obtaining licenses the installation of TSPU means and "means of monitoring compliance by a telecom operator, owner or other owner of technological communication networks with the requirements of this Federal Law, as well as the requirements of Federal Law of July 27, 2006 No. 149-FZ" On Information, Information Technologies and Information Protection. "

These devices must be installed by all telecom operators, and they are obliged to collect information about both Internet users and the files requested by them. This information is required to be kept by operators for 3 years, and it must be provided to law enforcement agencies at their request. In fact, these are devices for the implementation of a system of operational-search measures (SORM).

Interestingly, both television companies and radio stations are also included in the operators, in the networks of which it is also necessary to install TSPU and SORM. In addition, TSPU should be installed at the joints between telecom operators and during cross-border transmission. Thus, operators will be forced under the threat of deprivation of licenses in the near future to install appropriate devices that will filter prohibited resources and record all user actions on the Internet. Thus, we can talk about taking control of the Russian information space from the Prosecutor General's Office.

File:Aquote1.png
Large operators already have such systems of their own production or purchased, they will have to be reconfigured and, possibly, upgraded, "Rustem Khayretdinov, deputy general director of the Garda group of companies, said for TAdviser. - Small operators will have to acquire such systems by developing them, buying or taking them by subscription. Russian manufacturers in the database are ready to provide such products, perhaps some kind of refinement will be required depending on the nuances of implementation and functioning. The demand for such systems will obviously grow. At the same time, everyone understands that it is problematic to quickly develop such technologies even with the help of "reposition" projects with open codes, so the main players (read the beneficiaries of demand growth) are understandable.
File:Aquote2.png

In addition, the new law prohibits the transfer of information from state information systems to other information systems that do not meet the requirements for information protection listed in law No. 149-FZ. Most likely, this means that access to state information systems can only be obtained from trusted workplaces, possibly even certified ones. It will also require the introduction of protective equipment for GosIS and the expansion of the market for solutions to ensure state information security.

Roskomnadzor changes the procedure for the operation of sovereign Runet after a major failure

On May 15, 2024, it became known about the decision of Roskomnadzor to change the operation of the sovereign Runet after a major failure in the zone. The agency has developed a procedure for using the national domain name system (NSDI).

As Kommersant writes with reference to the draft amendments to the order of Roskomnadzor dated July 31, 2019 No. 229 "On the approval of the Regulation on the national domain name system, requirements to it, the procedure for its creation, including the formation of information, contained in it, as well as the rules for its use, including the conditions and procedure for providing access to information, " it is planned to reduce the number of ways in which ISPs must connect to the NSDI. Thus, options that pose the risk of inability to access sites in.ru "in the event of a DNSSEC signature validation failure" will be removed from the list.

It became known about the decision of Roskomnadzor to change the work of the sovereign Runet

In addition, Roskomnadzor will exclude from the rule those methods by which providers connect to authoritative servers of the NSDI root zone, including accessing the file of a copy of the root zone. The option of connecting through the NSDI-related recursive file request handler (the so-called resolver) remains allowed.

At the end of January 2024, a failure occurred in the operation of the.ru domain zone. Its reasons are the incorrect operation of the software that implements the mechanism for signing a file with zone data. Roskomnadzor explained further actions for Russian providers and owners of autonomous systems after this incident, recommending that they connect to the public servers (resolvers) of the National Domain Name System. According to the ministry, in order to set up a connection to public servers (resolvers) of the NSDI, the telecom operator must change and/or add NSDI addresses to the list of DNS servers for the end client: 195.208.4.1 and 195.208.5.1.[4]

2023

Roskomnadzor divided operators into primary and secondary due to exercises on the stability of the Runet

At the end of October 2023, Roskomnadzor announced a new measure of regulation of the telecommunications industry. It is supposed to divide telecom operators into primary and secondary.

As the head of the department, Andrei Lipov, explained, the planned exercises on the safety and stability of the public communication network, carried out within the framework of the law "on the sovereign Runet," showed problems with the survivability of communication networks with intentional impact on lines and structures.

Roskomnadzor will divide telecom operators into primary and secondary
File:Aquote1.png
They [requirements] will primarily affect large infrastructure telecom operators. To implement the requirements, they will need to properly complete, equip and ensure the necessary level of redundancy of their communication networks. These requirements will not be presented to small operators, "Lipov told reporters.
File:Aquote2.png

The head of Roskomnadzor stressed that the digital future is impossible without ensuring increased security of communication facilities. There is a risk that governance may be violated at the regional level, and people will be left without the online services they are used to, for example, without banking or other digital services.

Market participants interviewed by Forbes believe that the regulation initiated by Roskomnadzor is probably being prepared in the interests of Rostelecom, and also carries the risks of monopolizing the industry, as it can force large telecom operators to "redraw all backbone communication networks in Russia, shift the cable deeper and away from cities."

According to the source of the publication, such an initiative will help the Main Radio Frequency Center subordinate to Roskomnadzor to install TSPU systems (technical means of countering threats) at the cross-border junctions of trunk communication networks to filter user traffic from prohibited content.[5]

Roskomnadzor: All communication nodes in Russia are 100% equipped with means to counter threats

The Russian segment of the Internet is 100% protected using technical means to counter threats (TSPU). This statement was made by the head of Roskomnadzor Andrei Lipov on October 24, 2023.

At the same time, he noted that the already installed technical means need constant modernization due to the growth of traffic. This problem will be solved by installing additional equipment, Lipov added.

The Russian segment of the Internet is 100% protected using technical means to counter threats

According to the head of Roskomnadzor, in the LPR, DPR, Kherson and Zaporizhzhya regions the situation is more complicated, there is an active development of communication networks. Basically, the TSPU equipment was installed there, Lipov said.

By October 2023, a law is in force in Russia, according to which, in cases of threats to the functioning of the Internet on the territory of the Russian Federation, Roskomnadzor can carry out centralized traffic control through the Public Communications Network Monitoring and Management Center (CMU SSOP) through technical means to counter threats (TSPU) installed on operators' communication networks and filtering traffic passing through them.

Roskomnadzor has developed technical conditions for the installation by telecom operators of special equipment to counter threats within the framework of the law on sustainable Runet. According to the requirements for communication networks of operators, when using the installed equipment, "the integral, stable and uninterrupted functioning of communication networks of telecom operators must be ensured." In addition, the telecom operator must ensure that all traffic passes through this equipment "with the exception of the possibility of bypassing technical means of countering threats along other routes."

Operators are also required to organize a technological communication channel to manage countermeasures. We are talking about a communication channel in a public communication network with a bandwidth of at least 100 Mbps for allocating network addresses to each equipment installed in the communication network.[6]

Hosting providers ask the Ministry of Digital Development to postpone placement of an ifrastruktura in the Russian Federation

Large IT companies providing services for virtual hosting of data and sites (hosting providers) asked the Russian Ministry of Digital Development to postpone the entry into force of a departmental order, which tightens their responsibility for the actions of hackers. This became known on October 10, 2023.

We are talking about amendments to the changes to the law "On Information" adopted by the State Duma in the summer, which regulate the work of hosting providers. By-laws describing the companies' new responsibilities were published in September. According to them, providers are obliged to connect to the system for countering cyber attacks FSB State system of detection, prevention and elimination of consequences of computer attacks and block the resources through which they are conducted and cyber attacks transfer data on malicious traffic to the system. If an attack organized through customer resources is detected, the provider must block them within 12 hours.

Hosting providers asked the Russian Ministry of Digital Development to postpone the entry into force of a departmental order that tightens their responsibility for the actions of hackers

As Kommersant writes with reference to the recall of large IT companies and telecom operators for this draft order of the Ministry of Digital Development, some of the requirements are simply impossible. For example, in order to provide all the necessary information about computer attacks, GosSOPKA hoster must direct all traffic through the firewall, explained in Megafon. This is a separate commercial service that the hosting provider is not entitled to impose on its customers. In addition, the firewall limits and slows down traffic, the company added.

Megafon also notes that the hoster cannot control the network settings of clients and indicate which parameters to use. The hoster must also save and transmit, at the request of the authorities, information about the interaction of site owners with their users, but the hoster simply does not have such data, only the site owner has it, the operator notes.

Yandex believes that a number of amendments need to be made to the project, which will allow providers to independently determine how to optimally build a reaction to the actions of hackers and avoid additional costs for traffic analysis tools. For example, leave in the order only the requirement to "determine" intrusions into IT systems through traffic channels, removing the requirement to "prevent" them from it[7]

Russia is ready for Internet autonomy in case of termination of the ICANN system

Domain Coordination Center .RU/RF built a system for countering the consequences that may occur in the event of any sanctions decision by the global registrar. In ICANN particular, the registrar may disconnect the Russian domain the zones due to political pressure or default financial. The latter arose due to sanctions restrictions on settlements Russian banks with foreign ones. This became known on September 18, 2023. More. here

Telecom operators in Russia will now be taken away licenses for incorrect operation of Internet traffic filtering systems

On September 1, 2023, new amendments to the law "On Communications" came into force. In particular, it involves expanding the grounds for termination and cancellation of the license. Thus, non-compliance with the scheme of passing traffic through the TSPU can now cause the termination of the license of the telecommunications operator.

Companies operating in the communications market will have to develop, approve and coordinate with Roskomnadzor (RKN) a scheme for passing traffic through TSPU. Such a scheme must be presented every time the license is renewed, even if TSPUs have already been installed and are functioning. Critics of the new initiative consider it redundant: this regulation, according to some market participants, is an administrative barrier and complicates the work of the telelek operator, since the procedure for the operation of the TSPU is already spelled out by the law on sovereign runet.

Telecom operators in Russia will now be taken away licenses for incorrect operation of Internet traffic filtering systems

The law on the "sovereign Internet," which entered into force on November 1, 2019, obliges to place TSPU on its networks of operators. Roskomnadzor independently establishes and maintains TSPU, operators only provide service employees with access to their networks and technical conditions - such as a place for placing equipment, a communication channel of a certain bandwidth, as well as uninterrupted power supply. LTCs are designed to filter traffic and block prohibited resources using DPI (Deep Packet Inspection) technology. Unofficially, this equipment is called "black boxes" from the RKN.

On August 31, 2023, the Ministry of Digital Development published a draft resolution describing the rules for installing and operating TSPUs to protect the Internet and communication networks from cyber threats. On September 1, 2023, a regulatory impact assessment (ODS), a public discussion of the document and an independent anti-corruption examination began.[8]

Owners of traffic exchange points in Russia will have to install devices to block prohibited content

On July 26, 2023, the State Duma adopted bill No. 1214072-7, amending the federal law "On Communications." The document, among other things, obliges the owners of traffic exchange points in Russia to establish technical means of countering threats (TSPU) within the framework of the sovereign Runet.

It is said that the telecom operator has the right to start providing services for providing Internet access only if TSPU tools are used in its network. Traffic to connected networks must also be passed through such equipment. At the same time, the procedure for the installation, operation and modernization of TSPU at the point of traffic exchange is approved by the Government of the Russian Federation.

Owners of traffic exchange points in Russia need to establish technical means of countering threats (TSPU) within the framework of the sovereign Runet
File:Aquote1.png
A telecom operator providing services for providing access to an information and telecommunication Internet network and (or) services for connecting another operator's data network to its data network [...] is obliged to ensure the installation in its communication network of technical means to counter threats on communication means that ensure data transmission at a speed of more than ten gigabits per second, the document says.
File:Aquote2.png

Obligations for traffic exchange points are introduced if the transmission of traffic to the connected communication network through the TSPU is not provided by the communication operator. For non-compliance with the established traffic transit scheme, the company may lose its license.

It is assumed that the TSPU equipment will be provided by the state, but the traffic exchange point, like any telecom operator, should provide the installation site, power, control channels, security and other communications. Operators believe that the speed and quality of TSPU traffic in general will not be affected.

File:Aquote1.png
GRCC or their contractor is responsible for the operability of the TSPU complex itself, but situations may arise in which they will try to assign responsibility to the telecom operator. Administrative and even criminal liability for this for telecom operators is already provided for by law, - said Dmitry Petrov, General Director of the telecom operator LLC Comfortel.[9]
File:Aquote2.png

Roskomnadzor: Internet providers will be fined for the lack of traffic filtering

Fines in the amount of up to 5 million rubles will be imposed on Russian telecommunications providers who will not pass user traffic through technical means of countering threats (TSPU). This was reported in July 2023 in Roskomnadzor.

As Izvestia writes with reference to the statement of the department, by the end of the year all Internet traffic in Russia will pass through TSPUs, which will be installed on the equipment of operators. Roskomnadzor will check whether operators pass traffic through such systems, the representative of the department added. If this does not happen, then the operator can be fined. At the same time, the management of the telecom company can also be fined 1.5 million rubles, and in case of malicious violation, the official will face imprisonment for up to three years.

Internet providers will be fined up to 5 million rubles for the lack of traffic filtering

Systems to counter cyber threats have been installed at operators' communication nodes since 2019 at the expense of the federal budget. They protect the Russian segment of the Internet from threats of various types, including prohibited content. According to Rustem Khayretdinov, deputy head of Garda Technologies, one of the threats to the Russian segment of the Internet appears to be a complete disconnection of the Russian Federation from the network in the presence of political will. The blocking system is needed to inform the uninterrupted and safe operation of communication devices for the information space, added Dmitry Gorbunov, partner of Rustam Kurmaev and Partners.

According to Roskomnadzor, by July 20, 2023, 100% of mobile communication traffic and over 95% of fixed communication flow pass through TSPU. Cyber ​ ​ threat blocking systems are installed in 367 operators. TSPU solves the problems of combating DDoS attacks: the number of cyber attacks on the Runet in 2022 increased 4-5 times, said Konstantin Ankilov, general director of TMT Consulting. At the same time, operators also have their own means of combating DDoS, he concluded.[10]

At night, Russia "turned off the international Internet" as part of exercises on sovereign Runet

On July 5, 2023, Roskomnadzor announced a successful exercise to ensure the sustainable functioning of the Runet. The department did not disclose details and only recalled that the federal law "On Communications" No. 126-FZ determines the procedure for organizing such exercises. According to the regulations, they must be carried out at least once a year.

RBC, citing sources in the telecommunications market, reported that on the night of July 4-5, 2023, regular exercises were held in Russia to ensure the stable, safe and integral functioning of the Russian segment of the Internet and the public communications network. According to one of the interlocutors of the publication, during the exercises "turned off the international Internet."

Roskomnadzor announced the holding of successful exercises to ensure the sustainable functioning of the Runet
File:Aquote1.png
During the exercise, they could check whether Runet continues to work with such a shutdown (from the outside). Bulletproof vests are tested in about the same way when they are put on mannequins and then shot, - said the interlocutor of the publication on the telecommunications market.
File:Aquote2.png

Alexander Dvoryansky, Director of the Information Security and Special Solutions Department of Sitronics Group, in a conversation with the publication, noted that the root servers (can establish a connection between a numerical IP address and a name in the root zone, for example,.ru) belong to the United States and Russia cannot influence it in any way. Dvoryansky believes that it is necessary to take into account the likelihood of a potential disconnection of the Russian segment of the Internet from the global network. He recalled that earlier the professional community agreed that turning off payment systems was unlikely, nevertheless this happened.

The founder of Qrator Labs, Alexander Lyamin, says that the modern Internet is well connected and very difficult to divide, so "theoretically, it is impossible to predict which part of the Runet will stop working when it is disconnected from the global network."

File:Aquote1.png
The exercises carried out are an attempt at a live experiment in order to check the readiness for such a development of events: how much the Russian segment of the Internet will be able to function steadily offline. In fact, this can be compared with how to cut off your hand and see how long it will live without the rest of the body, says Lyamin.[11]
File:Aquote2.png

2022

Roskomnadzor creates a system to control the compliance of telecom operators with the requirements of the regulator for 1.2 billion rubles

In November 2022, it became known that Roskomnadzor was creating a system to control the compliance of telecom operators with the requirements of the regulator. It is planned to spend 1.2 billion rubles on the implementation of the project in two years. Read more here.

To combat DDoS attacks, they create a system based on the "sovereign Runet"

At the end of October 2022, it became known that a system based on the "sovereign Runet" was being created to combat DDoS attacks in Russia.

As Kommersant writes with reference to the report of the subordinate Roskomnadzor Regional Radio Frequency Center (GRCC), 2023 year in Russia, 100% communication networks, including networks in the Donetsk and Lugansk republics, [[Kherson region} of Kherson region|Kherson region} of the Kherson region]] and Zaporozhye, will be covered with traffic filtering and analysis. In 2022, the share of filtered traffic on broadband Internet access is 98%, mobile - 100%. At the end of 2022, it is planned to equip 860 communication nodes with TSPU, and at the end of 2023 - 1.3 thousand nodes. The national system of protection against DDoS attacks is created by Roskomnadzor precisely on the basis of TSPU.

To combat DDoS attacks, create a system

At the same time, according to a source in the IT market, TSPUs are traffic processing devices that are aimed at solving content filtering problems and are not designed to work with such highly specialized problems as protection against DDoS attacks.

According to Sergei Khutortsev, director of the Center for Monitoring and Management of the Public Communications Network (CMU SSOP) of FSUE GRCHs, the number of attacks on the Russian information space has multiplied in the world since February 24, 2022. He stressed that since the beginning of the special military operation, "the network infrastructure of telecom operators and owners of information resources in Russia has faced unprecedented challenges." Khutortsev added that "the burden on all information security services has significantly increased ."

"The experience of repelling DDoS attacks has shown the effectiveness of the coordinated use of the capabilities of the communication network monitoring and management center, the national coordination center for computer incidents and cybersecurity companies, whose customers are enterprises and organizations that are under attack," the GRCC said.[12]"

Authorities have imposed penalties on naughty internet giants and those who partner with them

They are introduced penalties to - Internetproviders for violation of the requirements for the passage of traffic through technical means to counter threats to the stability, security and integrity of operation on the territory of the Russia network Internet communications and the public network. The amount of fines will be from 500 thousand. up to rub 1 million rubles. For repeated violation, the amount of the fine will be from 3 million rubles. up to 5 million rubles. This became known on July 7, 2022. More. here

2021

The Ministry of Digital Development begins accounting for cross-border communication lines

In November 2021, it became known about the creation in Russia of cross-border communication lines and means of communication that are connected to them. Thanks to this project, cross-border traffic crossings will be recorded to improve information security. Read more here.

31 billion rubles allocated for "sovereign Runet"

About 31 billion rubles will be spent on the work of the "sovereign Runet." This is stated in the draft Russian budget until 2024. Based on this document, RBC published an article on September 23, 2021.

According to the materials, the costs of ensuring the integrity, stability of the functioning and security of the Russian segment of the Internet in 2022 can amount to 10.8 billion rubles, in 2023 - up to 10.3 billion rubles, and in 2024 - up to 9.5 billion rubles.

The authorities estimated the provision of the "sovereign Runet" at ₽31 billion

What exactly this money will be directed to is not indicated in the explanatory note to the draft budget. RBC's source in the telecommunications market indicated that only support, warranty maintenance and operation of installed equipment usually takes 10-15% of the initial costs per year, and if we are talking about a complex software and hardware complex and the need to expand communication channels due to increasing traffic, then the amount can grow to 25-35%.

According to RBC, Roskomnadzor may plan to extend the infrastructure of the "sovereign Runet" not only to the largest telecom operators in the country, but also to the rest. Another interlocutor of the publication suggested that the state plans to continue to develop the created infrastructure: "to create DNSservers-, data registers on infrastructure, for example , border crossings of communication lines."

It is noted that in the period from 2019 to 2021, more than 30 billion rubles were allocated for the implementation of the "sovereign Runet," of which 20.8 billion were planned to be spent on TSPU - technical means of countering threats. How much was actually spent was not reported by September 2021. Representatives of Rostelecom, MTS, MegaFon and VimpelCom (Beeline brand) declined to comment to the publication on the costs of sovereign Runet[13]

Roskomnadzor equipment for the "sovereign Internet" failed

On April 9, 2021, it became known about system failures at Russian telecom operators due to equipment for the "sovereign Internet." According to Kommersant, MegaFon, MTS, VimpelCom and Tele2, as well as the major regional operator Obit, faced problems.

We are talking about the DPI (Deep Packet Inspection) system, which Obit installed "a contradiction between its equipment and the global Internet." To restore work, the operator had to exclude the Roskomnadzor controller from the traffic flow scheme, the publication says. Roskomnadzor told the publication that they knew about the incident in Obit.

File:Aquote1.png
Three hours later, the work of technical means of countering threats resumed as usual, the department said, adding that unauthorized changes in the parameters of DPI equipment for companies could face a fine of 1 million rubles.
File:Aquote2.png

Roskomnadzor devices for the "sovereign Internet" survived failures

On March 10, there were failures in the work of the sites of the Kremlin and other governmental institutions. Users also complained about problems in the operation of services Yandex",," Google MTS,,, Qiwi"" etc Russian Post Office. Experts called the reason for this a failure in the operation of equipment used to slow down traffic to. Twitter However, Roskomnadzor said that these events are not related.

According to experts interviewed by the newspaper, the failures of operators, which were recorded in March 2021, were the first large-scale incidents within the framework of the implementation of the law. The centralized traffic management system that the regulator has introduced poses a great danger, says Alexei Amelkin, president of the association of cable television operators (Makatel).

{{quote 'Any staff error can cause the internet to crash across the country,' he said, adding that accidents like this can occur regularly[14]

Russia adopted a law on fines for failures of the sovereign Internet

On February 10, 2021, the State Duma adopted in the third (final) reading a law on fines for non-compliance by telecom operators with the provisions of the law on sovereign Internet.

The law establishes the responsibility of telecom operators for violating the rules for installing and using equipment necessary to counter threats to the stability of the Russian Internet. Fines will be:

  • from 15 to 30 thousand rubles for officials;
  • from 30 to 50 thousand rubles for individual entrepreneurs;
  • from 300 to 500 thousand rubles for legal entities.

Repeated violation will entail a twofold increase in penalties.

The State Duma adopted a law on fines for failures of the sovereign Internet

For the refusal of the telecom operator to establish technical means of monitoring compliance with the requirements of the legislation, a fine of 500 thousand rubles will be imposed, and for a repeated violation during the year you will have to pay up to 1 million rubles.

In addition, in accordance with the law, for failure by the owner of the communication network to comply with the requirements that will allow law enforcement agencies to conduct operational-search activities, as well as failure to take measures to block the disclosure of their "organizational and tactical techniques" - up to 500 thousand rubles. In case of repeated violation - up to 6 million rubles.

By the second reading, an amendment was made and supported to the law providing for responsibility for violation by the owner of the information resource of fundamental human rights and freedoms, rights and freedoms of citizens of the Russian Federation, including freedom of the media:

  • the fine for citizens will be from 50 thousand rubles to 100 thousand rubles;
  • for officials - from 200 thousand to 400 thousand rubles;
  • for legal entities - from 600 thousand to 1 million rubles.

The document was submitted to the State Duma by the head of the information policy committee, Alexander Khinshtein, and his deputy, Sergei Boyarsky (both United Russia).[15]

Medvedev: Russia is technically ready for a shutdown of the global Internet

On February 1, 2021, the deputy head of the Security Council of the Russian Federation Dmitry Medvedev announced his readiness Russia to disconnect from the global one. Internet

File:Aquote1.png
Technologically, everything is ready for this. At the legislative level, all decisions have also been made, but... this is not easy and I would very much not want it. I, frankly, do not see signs of this yet, because, for obvious reasons, these are double-edged weapons, "Medvedev said in a conversation with reporters.
File:Aquote2.png

Medvedev warned that with the separation of the Runet there will be big problems: in order to reconfigure it, it will take a certain time.

Dmitry Medvedev: the Russian Federation is technically ready for the shutdown of the global Internet

The deputy head of the Security Council referred to the Chinese experience, where a total firewall operates, that is, blocking to the external Internet. He recalled that in China, world social networks have been replaced by Chinese ones, "and they are absolutely easy to experience."

File:Aquote1.png
When you arrive in the PRC, you look at your own social networks - they work. Why? But because the card in the phone is Russian, and as soon as you, for example, turn on the hotel Internet, Wi-Fi - do not work. Because all this is blocked, this is a firewall, - said the former president and prime minister of Russia.
File:Aquote2.png

The politician explained that the creation of the law on the Russian segment of the Internet is due to the need for the possibility of autonomous management of the Runet, since it is through the Internet that the management functions of the state are carried out at the modern level.

File:Aquote1.png
We couldn't leave it unchecked. Therefore, there is such a law, and, if necessary, it will enter into force, "Medvedev stressed.
File:Aquote2.png

He added that by the beginning of February 2021, all social networks operate in Russia. However, as Medvedev warned, "if social networks behave unfriendly, if they do not want to publish Russian information, if they take some obviously unfriendly position towards the country, then we have the opportunity to influence them."[16]

2020

Fines have been developed for violating the law on sustainable Runet

On November 24, 2020, it became known that a draft on fines for violations of the law on sustainable Runet was submitted to the State Duma. The document was prepared by the head of the Duma committee on information policy, information technology and communications Alexander Khinshtein and his first deputy Sergei Boyarsky.

Depending on the composition of the administrative offense, the project provides for fines for legal entities from 20 thousand to 700 thousand rubles. At the same time, in some cases, liability is also established in the form of suspension of the company's activities.

File:Aquote1.png
The project also establishes administrative responsibility for the repeated commission of an administrative offense. In this case, the amount of fines for legal entities ranges from 60 thousand rubles to 1 million rubles, the materials say.
File:Aquote2.png

Fines are provided for violation of the law on sustainable Runet

It is proposed to fine officials who are employees of providers in the amount of 15 to 30 thousand rubles for violating the requirements of the law and non-compliance with technical conditions. For failure to comply with the requirements for the installation of means of monitoring compliance with the law, a fine of 2 to 5 thousand rubles for individuals, from 10 to 20 thousand rubles for officials is threatened.

According to the authors of the amendments, the lack of responsibility in the Code of Administrative Offenses for non-compliance with the obligations provided for by the Federal Law that entered into force, "as practice has shown, forms the possibility of non-fulfillment of the obligations established in relation to them."

Roskomnadzor In commented on the initiative, explaining that the bill provides for ensuring the stability of the Russian segment. Internet They also said that the refusal of operators to provide technical information to take operational measures in the event of emergencies on communication networks "could jeopardize the connectivity of the network as a whole."[17]

The Ministry of Digital Development again canceled the exercises on the stability of the Runet

The Ministry of Digital Development canceled the exercises to ensure the sustainability and safety of the Internet in Russia, which were supposed to take place on September 20, 2020. This was reported on September 21 in the department itself.

File:Aquote1.png
On September 20, the exercises did not take place. At the moment, the federal project "Information Security" and regulations in the field of information security are being actively finalized, including on issues that were planned to be worked out during the exercises, the Ministry of Digital Development said in a statement.
File:Aquote2.png

As the Minister of Digital Development Maksut Shadayev told reporters "on the sidelines" of the Russian Internet Forum (RIF in the City), the Ministry of Digital Development is not going to abandon plans to conduct exercises on the stability of the Russian segment of the Internet, but so far there is no exact date for their holding.

The Ministry of Digital Development again canceled the exercises on the stability of the Runet

According to the head of the Ministry of Digital Development, the exercises on the stability of the Runet are "a whole range of measures." Shadayev added that a new plan of exercises will be developed to replace the old one.

According to Interfax, the Ministry of Digital Development canceled the exercises for the third time in a row. In total, four stages of such events were planned for 2020. The last exercises this year are scheduled for December 20.

According to the order of the Ministry of Digital Development, the exercises are held four times a year at the end of each quarter, they are aimed at working out separate mechanisms for responding to threats to the sustainable and safe operation of the Runet.

The main tasks of the Runet stability exercises included:

  • determination and practical implementation of measures to identify threats to the stability of Runet;
  • development of methods of counteracting them;
  • development of recommendations for improvement of legislation;
  • Testing threat response scenarios
  • increased efficiency of coordination of actions of operators and other network owners with authorities, etc.[18]

Roskomnadzor will revoke licenses from regional operators who have not installed equipment for the sovereign Internet

In September 2020, Roskomnadzor began to warn regional telecom operators about the possible suspension of the license and administrative fines for refusing to introduce technical means of countering threats (TSPU) under the law on the "sovereign Internet."

The fact that small providers receive such threats was written by the Kommersant newspaper with reference to the Orderkom Telegram channel, which, in turn, refers to complaints from companies. Information about the requirements of Roskomnadzor was confirmed to the newspaper by one of the major federal telecom operators.

According to OrderCom, Roskomnadzor requires operators to install EcoFilter equipment manufactured by RDP.ru (owned by Rostelecom). The department also determines the required number of server racks, the throughput of equipment, the publication notes with reference to letters from Roskomnadzor.

Roskomnadzor began to warn regional telecom operators about the possible suspension of the license and administrative fines for refusing to introduce TSPU

For operators, these requirements are additional costs, explained Dmitry Galushko, head of the OrderCom consulting company.

File:Aquote1.png
To provide a throughput of 100 Mb/s for DPI, a small operator in Komi or Norilsk will have to pay up to 300 thousand rubles a month for renting an additional channel, which only Rostelecom can provide in these regions, he said.
File:Aquote2.png

The technical means proposed by Roskomnadzor have the necessary certification and work without complaints, Alexei Vasiliev, deputy general director of Giprosvyaz PJSC, told Interfax in an interview. He stressed that the technical means of countering threats successfully passed laboratory tests and dense implementation back in 2019.

According to Kommersant, MTS, VimpelCom, MegaFon, Rostelecom and TransTeleCom installed Roskomnadzor equipment, almost all federal telecom operators complied with the requirement.[19]

The Ministry of Telecom and Mass Communications will oblige data centers to transfer data on equipment and tariffs to Roskomnadzor

At the end of August 2020, it became known about the decision of the Ministry of Communications to oblige data center operators in Russia to transfer data to Roskomnadzor within the framework of the law on the "sovereign Internet." Read more here.

Medvedev began to fight against US dominance in Internet governance

Deputy Chairman of the Security Council Dmitry Medvedev held a meeting on the equality of states in Internet governance. The meeting was attended by the Minister of Communications and Mass Media Maksut Shadayev, as well as the heads of the Federal Security Service (FSB).

Starting the meeting, Dmitry Medvedev noted that "the world network today means as much as it means."

File:Aquote1.png
This is the basis that has shaped the development trends of the whole world. Which, by the way, was clearly proven at a time when we all began to fight the crisis associated with coronavirus infection, Medvedev said.
File:Aquote2.png

At the same time, he added that information technology in general, of course, played and will play a colossal role in the provision. information security Russia

File:Aquote1.png
It is quite natural that a number of countries, primarily the United States of America, seek to use the Internet as their fiefdom, as a tool to ensure exclusively their goals, Medvedev said.
File:Aquote2.png

He also recalled that the United States of America fully controls the system of managing domain names, determining IP addresses, and noted that "speaking directly and simply, it should not be so." As evidence, Medvedev cited the latest decision by the current administration of the United States of America regarding owners of social and related services.

File:Aquote1.png
All this shows that the United States of America intends to continue to pursue its policy on the Internet, "Medvedev said.
File:Aquote2.png

For many years, Russia has consistently advocated the equal participation of all states in Internet governance. The corresponding approaches are implemented in the concept of the safe functioning of the Internet, developed by the Ministry of Communications, - said Dmitry Medvedev. (photo - osnmedia.ru)

He also added that the States interpret the decisions of certain companies or even more so countries, based solely on ensuring their own national interests and not considering either international competition or any existing international rules.

File:Aquote1.png
Therefore, this behavior of the United States of America and some other partners proves that in such conditions, neither netizens, business nor the state can be sure that their interests will be adequately protected. This, in fact, is the goal of ensuring equal rights, "Medvedev concluded.
File:Aquote2.png

He also recalled that several years ago, the United States, putting pressure on Russia, discussed the possibility of disconnecting it from the SWIFT payment verification system. Now, according to Medvedev, "such a very serious, harsh pressure is being subjected to the People's Republic of China."

File:Aquote1.png
Moreover, part of these sanctions, part of these methods of pressure are just going online. Therefore, we must be as ready as possible for such decisions in the future and, of course, they can be connected with the global network, "said Dmitry Medvedev.
File:Aquote2.png

He also drew attention to the fact that Russia adopted "a special law on the creation of a national network traffic routing system, which should make it possible to secure the activities of Russian Internet resources" in the event of an attack on them.

File:Aquote1.png
We proceed from the assumption that the state as a whole should have the right to independently manage its information space. Since this is one of the signs of sovereignty. We need to carry out the relevant work, but it needs to be carried out, of course, not within the country, it needs to be carried out at the international level. In this, in fact, the main set of issues that I propose to discuss, - said Medvedev.
File:Aquote2.png

He also stressed that Russia has consistently advocated for the equal participation of all states in Internet governance over the years. The corresponding approaches, according to him, are implemented in the concept of the safe functioning of the Internet, developed by the Ministry of Communications.

File:Aquote1.png
The document contains fundamentally new approaches to ensuring the security and stability of the global network. Nevertheless, all our calls, proposals, which, incidentally, have been repeatedly made, have not yet caused the necessary response in the international arena. Our partners in BRICS and the Shanghai Cooperation Organization (SCO) some time ago cautiously spoke about the creation of a specialized convention of the United Nations organization. Maybe this was one of the first, but necessary steps. But, at the same time, it is obvious that everyone agrees on the need for equal participation of states in Internet governance. Since this is an element of national security. This is no longer just a network that has been created for scientific, military, even purposes or some kind of entertainment there. This provision is also enshrined in a number of decisions that were adopted at the level of the summit of the heads of state of the BRICS and the SCO, - said Dmitry Medvedev.
File:Aquote2.png

According to him, given the severity of the problem, the latest events that have occurred, the draft concept developed in Russia should be updated and, in a good way, planned to discuss it at international platforms in a variety of formats.

File:Aquote1.png
It is necessary to give a new impetus in order to ensure the sovereign right of states to manage the Internet in the national information space, "Dmitry Medvedev drew attention.
File:Aquote2.png

Costs of 600 million rubles for the development of sovereign Runet did not lead to the expected result

In 2019 Roskomnadzor , he spent 597 million rubles on the creation of an IT system Public Communication Network Monitoring and Management Center within the framework of "." sovereign runet However, these costs and the work carried out did not lead to the planned result on time, the report says. Accounts Chamber (JV)

According to her, Roskomnadzor did not have time to launch the autonomous Internet system on time. The system was supposed to work within the framework of the federal project "Information Security" by January 1, 2020. Roskomnadzor was supposed to put into effect 28 control points for the exchange of traffic, and introduced only 22. The launch dates for the points, including the Information and Telecommunication Service checkpoint, were postponed to 2020.

In addition, as stated in the joint venture, when allocating a subsidy, Roskomnadzor set a zero indicator of its effectiveness, which contradicts the rules established by the government.

The costs of developing a sovereign runet did not lead to the result

The federal project "Information Security" of the national program "Digital Economy" says that Roskomnadzor has created a Monitoring Center, which is functioning by the end of July 2020. Subsidies for the creation of such a center were provided by the Federal State Unitary Enterprise "Main Radio Frequency Center" - the agreement was signed on June 3, 2019.

The center for control and monitoring of communication networks, according to the "law on sustainable Runet," should take over centralized Internet control in the event of threats.

The creation of the Public Communications Network Management Center within the framework of the draft law on the protection of Runet is estimated at 699 million and 546 million in 2020 and 2021. respectively. However, the Ministry of Telecom and Mass Communications says that it is not yet possible to accurately estimate how much the implementation of the then-sovereign Runet bill will cost, since the architecture and characteristics of the security and stability system are unknown.[20]

Ministry of Telecom and Mass Communications postponed exercises on "sovereign runet" due to coronavirus

On March 20, 2020, the Ministry of Telecom and Mass Communications of Russia postponed planned exercises to ensure the stability and safety of the Internet due to the spread of a new type of coronavirus. The department did not name the updated schedule of the exercises, it will be known later.

File:Aquote1.png
Planned exercises have been postponed due to the strengthening of measures to prevent the spread of coronavirus infection COVID-19, the Ministry of Communications said in a statement.
File:Aquote2.png

On March 20, 2020, the Ministry of Telecom and Mass Communications of Russia postponed planned exercises to ensure the stability and safety of the Internet due to the spread of a new type of coronavirus

Exercises should be held four times a year. The purpose of the exercise, scheduled for March 20, 2020, was to work out the possibilities of blocking traffic encrypted using DNS technologies over HTTPS and TLS. The use of cryptographic protocols for the transfer of DNS data will prevent the interception of traffic, the ministry emphasized.

The next three exercises are scheduled for June 20, September 20 and December 20, 2020. Last time, the Ministry of Telecom and Mass Communications worked out ensuring the security of cellular subscribers (including measures to protect personal data, the ability to intercept their traffic, SMS and geolocation), and also studied the situation with the risks and vulnerabilities of smart devices, including those used at critical infrastructure facilities.

According to the deputy head of the Ministry of Telecom and Mass Communications Aleksei Sokolov, who is responsible for the exercises, their exercises were to "ensure the uninterrupted operation of the Internet in Russia" under any circumstances. "

File:Aquote1.png
Of course, the scenarios that we worked out are not exhaustive in terms of the threats that we investigated. We will continue for 2020 and subsequent years of this kind of exercises and research, - said the deputy minister and added that the conclusions of the exercises will be summarized and presented to Russian President Vladimir Putin.[21]
File:Aquote2.png

Operators will be able to update equipment for the "sovereign Runet" at the expense of the state

On February 17, 2020, it became known that operators will be able to update equipment for the "sovereign Runet" at the expense of the state. The government approved the relevant rules for centralized management of the public communication network as part of the implementation of the law, as well as a decree on the installation, operation and modernization of technical means of countering threats (TSPU), which will allow filtering traffic and restricting access to prohibited sites.

As Kommersant writes with reference to the documents, the modernization for which the state will pay will become possible in cases where the existing equipment will slow down the connection speed or reduce the quality of services.

Operators will be able to update equipment for the "sovereign Runet" at the expense of the state

The Main Radio Frequency Center (GRCC) subordinate to Roskomnadzor will be responsible for the operation and maintenance of equipment. Telecom operators, in turn, are obliged to ensure uninterrupted power supply to the equipment and not interfere with its remote control during operation.

The decree also spelled out the main threats to the Runet, which should be eliminated by the concept of a "sovereign network." According to the document, they are divided into three types: threats to the stability, safety and integrity of the Runet.

The Cabinet of Ministers considers the disruption of the communication network in case of malfunctions in the functioning of its fragments or due to the impact of a natural and man-made nature to be a threat to stability.

According to the rules, threats to the security of Runet will be determined by the Ministry of Communications and the FSB following the results of the exercises, monitoring networks and research and report them to Roskomnadzor. Roskomnadzor will add this information, as well as "data on the vulnerability of communication tools and technologies," to a special list, on the basis of which centralized network management will be carried out. The regulations for responding to each type of threat will be approved by the department in agreement with the Ministry of Telecom and Mass Communications and the FSB.[22]

Operators summed up the results of testing equipment for the "sovereign Runet"

On February 10, 2020, it became known about the results of testing equipment for the "sovereign Runet." Ministry of Digital Development, Communications and Mass Media Eight operators sent letters with the results of the check. Among them,, Beeline, and "Дом.ru" Transtelecom"" MTS Rostelecom reported significant problems in the exercise process, and "," and MegaFon"- Tele2 2000" Yekaterinburg reported successful tests.

According to RBC, during the tests, Beeline and Дом.ru had a noticeable drop in the speed of traffic transmission, while Transtelecom, MTS and Rostelecom stopped working completely.

Telecom operators reported to the Ministry of Communications on the results of testing equipment for the implementation of the law "on the sovereign Internet"

Kirill Pishchalnikov, director of technical infrastructure at ER-Telecom Holding, also said that the provider failed to block Telegram, since the messenger uses proxy servers with its own cryptographic protocol for transmitting an encrypted signal.

Transtelecom said that when installing equipment in Chelyabinsk, an "incident" occurred, due to which it was necessary to interrupt the provision of communication services for the operator's subscribers. The MTS report says that in August, during the installation of equipment in Magnitogorsk, commercial traffic on the network was interrupted. Rostelecom recorded one failure during testing, which lasted six minutes.

File:Aquote1.png
There were no massive complaints and appeals from subscribers during the testing , - wrote Andrei Savchenkov, director of network infrastructure development at Rostelecom, in a letter to Oleg Ivanov, Deputy Minister of Digital Development, Communications and Mass Media.
File:Aquote2.png

According to him, the delay (the time from sending a signal to receiving it by the end device) under a working load on equipment ranged from 25 to 150 microseconds with a permissible value of 3 thousand microseconds. Now the speed of about 150 microseconds is used in trading on the stock exchange in order to conduct the transaction most quickly.[23]

The authorities will work out blocking traffic passing through the DNS over HTTPS and DNS over TLS protocols

On January 15, 2020, it became known that the Ministry of Telecom and Mass Communications approved a schedule for conducting planned exercises in 2020 to ensure sustainable, safe and integral functioning of the Internet and public communications networks in Russia. The document signed by Acting Minister of Communications Alexei Volin is published on the ministry's website.

The authorities will work out blocking traffic passing through the DNS over HTTPS and DNS over TLS protocols

As reported, the designated exercises are provided for by the so-called law "On the Sovereign Internet," which entered into force in 2019. Telecom operators and organizers of the dissemination of information on the Internet (ARI) are obliged to participate in the exercises.

The first exercises under this law took place at the end of 2019. According to unofficial information, then a vulnerability in cellular networks was revealed through the SS7 and Diameter signaling protocols.

According to the order of the ministry, on March 20, 2020, the ability to block traffic protected using DNS technology over HTTPS (DoH) and DNS over TLS will be worked out.

On June 20, 2020, counteraction to threats to the stability of the functioning of the Internet and the public communication network in Russia will be worked out, in which the operability of communication networks is disrupted in the event of a failure of a fragment of the communication network, as well as in conditions of external destabilizing effects of a natural and man-made nature.

On September 20, 2020, countering attacks using vulnerabilities in narrowband Internet of Things networks will be worked out. Finally, on December 20, 2020, countering attacks using BGP vulnerabilities will be worked out.

BGP is a protocol for routing traffic on the Internet. The protocol is based on trust, in connection with which the provider can potentially declare other people's IP addresses and intercept traffic addressed to them.

DNS is the system responsible for the correspondence of IP addresses to the domain. DNS over HTTPS and DNS over TLS are experimental versions of the DNS system based on the secure HTTPS and TLS protocols, respectively.

The use of such protocols allows you to hide user requests to the DNS system from the provider. Potentially, these protocols can also be used to bypass users to block access to prohibited Internet sites, since the provider does not know which domain its user accesses.

In parallel, Communications Minister Konstantin Noskov signed another regulatory act, also provided for by the law "On the Sovereign Internet" - an order on the requirements for the functioning of hardware and software of the DNS system. According to it, telecom operators, ARIs and owners of technological communication networks that own their own numbers of autonomous Internet systems are required to keep logs of user requests to the DNS system and store this information for a year.[24]

2019

The first exercises on sovereign runet were held

On December 23, 2019, the Ministry of Telecom and Mass Communications announced the results of the first exercises held under the law on "sovereign runet." They took place for several days in Moscow, Vladimir, Rostov and other cities.

The Ministry of Telecom and Mass Communications reported on the results of the first exercises held under the law on "sovereign runet"

As Vedomosti writes with reference to the deputy head of the Ministry of Telecom and Mass Communications Aleksei Sokolov, several scenarios were tested during the exercises:

  • communication stability;
  • cellular security, including issues of personal data protection and traffic interception;
  • the safety of using Internet things.

According to Sokolov, the exercises as a whole confirmed that the authorities and operators are ready to promptly respond to external threats and ensure the uninterrupted operation of the Internet and communications. Such exercises will take place once a year.

File:Aquote1.png
Our task is to make everything always work. We understand that new challenges and threats will arise, to which we must be ready to respond, - said the Deputy Minister.
File:Aquote2.png

As the CNews edition writes with reference to the Esher II Telegram channel, the exercises revealed a high degree of vulnerability of cellular communication networks through the OKS-7 (SS-7) and Diameter signaling systems. A total of 18 scenarios of the corresponding attacks were carried out. 62.5% of attacks carried out through SS-7 and 50% of attacks through Diameter were successful. However, attacks were quickly detected - on average, in 2 − 3 minutes.

SS7 is a closed channel through which service commands are transmitted to connect subscribers of local, long-distance, international and wireless operators around the world. Diameter is one of the protocols used in LTE networks.

The conclusions and results of the exercises will be provided to the president. The Ministry of Telecom and Mass Russia Vladimir Putin Communications noted that for ordinary users the exercises have passed and will be held unnoticed, since testing is carried out on dedicated traffic.[25][26]

Beeline, MTS, Megafon and Kaspersky Lab participate in sovereign Runet exercises

Telegram channel "Behind Telecom" published at the end of December a copy of a letter from the head of Ministry of Digital Development, Communications and Mass Media Konstantina Noskov on conducting exercises to ensure the sustainable, safe and holistic functioning of the Internet. This kind of exercise is provided for by the law that recently entered into force, which received the conditional name "on the sovereign Runet" in the media[27]

The purpose of the exercise in the letter is indicated: checking the coordination of repair and restoration work on the unified telecommunication network of Russia; checking the integrity and stability of the Internet in Russia (including in the event of distortion of routing information in RIPE DB databases and in the DNS system); checking the possibility of intercepting subscriber traffic and disclosing information about the subscriber, blocking communication services for subscribers (SMS and Internet access), disrupting the operation of OKS-7 and Diameter channel signaling systems in cellular communication networks.

Also, the objectives of the exercise include: checking the integrity and stability of the Internet in cellular networks in cases of using Russian USIM cards with domestic cryptography; checking the possibility of obtaining unauthorized access to information systems, interception and modification of data transmitted during the exchange of information, including using domestic SSL certificates; analysis of threats and vulnerabilities arising in industry cyberphysical systems (transport, power, etc.) related to the use of domestic and foreign Internet of Things devices .

Representatives of Rostelecom and its subsidiary Rostelecom-Solar, Transtelecom, Tele2, Megafon, VimpelCom, Mobile Telesystems, (MTS), Modern Radio Technologies, Group IB, Positiv Technololjis and Kaspersky Lab will participate in the exercises from telecom operators and IT companies.

Tender for the creation of the IS "National Certification Center" to ensure the sustainable functioning of the Runet

On December 12, 2019, TAdviser became known that a tender for the creation of a specialized information system "National Certification Center" and research on information security requirements in the context of such a system was published on the portal of the Unified Information System in the field of procurement. Read more here.

Medvedev does not exclude the possibility of disconnecting Russia from the world Internet

Disconnecting Russia from the global Internet is a real threat, but the law on sovereign runet should help to avoid this. This opinion was expressed by Russian Prime Minister Dmitry Medvedev on December 5, 2019 during an annual interview with Russian television channels.

He stressed that this law is not aimed at banning something, since bans on the Internet are easy to bypass, but at protecting against possible attempts to cut off Russia from the world network.

Dmitry Anatolyevich warns of abandoning the world web
File:Aquote1.png
Usually in such cases they say: "Well, who is going to cut us off [from the Internet]? As it was said in one Soviet film, these are philistine talkers, - said the head of government.
File:Aquote2.png

He also noted that Russia is on the verge of "not the usual Internet, but also the Internet of things. And these are technological processes. This is generally a dangerous thing. "

According to Medvedev, the law on sovereign runet does not imply blocking YouTube.

File:Aquote1.png
No one is going to close anything, YouTube as it was and will remain, and those who earn on YouTube will be able to earn money, although it does not depend on us, but on the policy of YouTube itself, "he said, stressing that the earnings of bloggers both depended and will depend on the quality of the content they produce.
File:Aquote2.png

The Kremlin reported on the threat of disconnecting Russia from the global Internet earlier in 2019. Press Secretary of the President of the Russian Federation Dmitry Peskov said about the grounds to believe that Russia is trying to disconnect from the global Internet infrastructure.

According to a Kremlin spokesman, Moscow is obliged to take precautions that will allow Russia to remain in touch with the Internet.

Peskov added that individual countries could jeopardize international law, so a law on reliable Internet is needed.[28]

Operators are asking to revise the law on sovereign runet. It does not protect user data

In early December 2019, operators asked to amend the law on sovereign Internet. They want to prohibit companies that will install special equipment on their networks from using subscriber data.

The topic of the fate of these subscribers due to the so-called law on sovereign runet was discussed at a closed seminar-meeting dedicated to the development and adoption of regulatory legal acts necessary for the implementation of the law. The meeting took place on November 28, 2019 at the Federation Council, reports. RBC

Operators worried about sovereign runet

According to Karen Kazaryan, a leading analyst at the Russian Association of Electronic Communications (RAEK), we are talking about the safety of both personal data and other information, for example, browser history.

Information security consultant Cisco Systems Alexey Lukatsky notes that one of the main shortcomings of the law is the lack of a section on responsibility for network performance.

By the beginning of December 2019, the safety of the data is not ensured by anything, and theoretically, information about customers can get to third-party companies that can use the information for commercial purposes, explained one of the interlocutors of the publication.[29]

Ex-employee of the FSO headed the center for the management of sovereign Runet

On November 27, 2019, it became known about the appointment of former employee FSO Sergei Khutortsev to the post of head of the Center for Monitoring and Management of Communication Networks (CMU) at. Roskomnadzor This center is necessary for the implementation of the law on "sovereign runet" and will be able, if necessary, to take over the centralized management of the Russian segment. Internet More. here

The Government of the Russian Federation called threats to the sovereign Runet

In early November 2019 Government of the Russian Federation , he called threats to the sovereign. to RuNet The list is contained in the draft resolution, which is coordinated by the relevant ministries, transmits "."Interfax

The authorities called the lack of the ability to establish a connection between users and information resources a threat to the integrity of the Internet in Russia. This list includes threats of violation of communication network interaction with foreign networks, due to which there may be no access with users or information resources abroad.

The Government of the Russian Federation called threats to the sovereign Runet, the list of which is contained in the draft resolution and is coordinated by the relevant ministries

In addition, threats include a violation of the network's ability to resist unauthorized access attempts that disrupt the work of external or internal influences and the dissemination of information prohibited in Russia.

Another threat is disruption of the network in case of failure of part of its elements or under the influence of natural or technological factors.

The government believes that in addition to the actual cyber attacks, threats to the work of online resources of authorities and local government, as well as the functioning of communication network management systems, the national domain name system, and the country's critical information infrastructure should be prevented.

The resolution also indicates "threats of violation of the information security of automated communication network management systems of operators." One of the reasons for the isolation of Runet may be "destabilizing internal or external information influences" and the dissemination of information prohibited in Russia.

In the event of these threats to the functioning of the Russian Internet, centralized traffic management passes to Roskomnadzor.

The types of threats are determined by the cabinet. The requirements for ensuring the functioning of traffic exchange points (this concept also defines the law) will be approved by the Ministry of Telecom and Mass Communications in agreement with the FSB of the Russian Federation.[30]

The law on sovereign runet came into force in Russia

On November 1, 2019, a law on sovereign runet entered into force in Russia, but equipment for isolation has not yet been installed.

The law will still operate "in fact not throughout the territory ," Kommersant writes, citing an unnamed source close to the presidential administration. It will take about a year to fully install the equipment in Russia.

By the beginning of November 2019, the authorities have not yet approved a list of threats in which the Runet switch is "turned off," the source said in one of the operators. Only seven by-laws out of 26 necessary have been officially published, estimates Diphost CEO Philip Kulin. According to him, three changes have been made to the provisions on the Ministry of Communications, Roskomnadzor and GRCC, as well as the conditions for installing TSPU.[31]

The law on sustainable Runet entered into force
File:Aquote1.png
This, I believe, is enough for them to juggle the right and shove TSPU operators with some reservations, "he said.
File:Aquote2.png

  By January 1, 2021, it is planned to create a national domain name system that will duplicate the list of domain names and numbers of autonomous systems delegated to Russian users.

For all this, regulatory legal acts clarifying the law are needed, some of which still exist only in the form of a general concept. According  to RBC, first of all, the government approved a decree on the rules for interaction of owners of technological communication networks with state security agencies.

In June 2019, Russian President Vladimir Putin named the goals of the innovations. The head of state assured that the law would be applied only in exceptional cases.

File:Aquote1.png
I hope it will not come to this, but if we assume that the servers will be disconnected or somehow affect their work, then in any case we must ensure the reliable functioning of the Russian segment of the Internet. No restrictions are planned here - the law is designed to ensure the sovereignty of our Internet and the opportunity to work there, - said the Russian leader.
File:Aquote2.png

In Russia, exercises on the autonomy of Runet will be held at least once a year. Medvedev signed a decree

In October 2019, Prime Minister Dmitry Medvedev signed a decree on conducting exercises on the autonomy of Runet. They will be held at least once a year, according to a document published on the legal information portal. The resolution will come into force on November 1, 2019.

The plan for the exercises of the Ministry of Telecom and Mass Communications will be coordinated with the FSB, the Ministry of Defense, the Ministry of Emergencies, the Federal Security Service and the Federal Service for Technical and Export Control (FSTEC). Exercises can also be unscheduled if there is a threat to the stability and integrity of the Network.

They will prepare for the isolation of Runet during the exercises. They will be arranged at least once a year

Participants of the exercises are defined as telecom operators, owners or other owners of technological communication networks, traffic exchange points, communication lines crossing the border of the Russian Federation, organizers of information distribution on the Internet, having a unique identifier of a set of communication means and other technical means in the network.

The purpose of the exercise is to check the stability and security of traffic exchange points, detect threats to the stability of Runet, as well as work out the restoration of networks in case of emergency.

Participants will need to learn how to perform tasks in conditions when the Internet in Russia  will be at risk of security and integrity, and only the Russian state segment of the network will work.

After the exercise, the Ministry of Telecom and Mass Communications will prepare   recommendations on ensuring sustainable operation of the Internet on the basis of a report on their results and  send them to telecom operators and network owners. The document provides for unscheduled exercises in the event of threats to the functioning of the Internet and the public communication network.

30 billion rubles will be allocated from the budget for the implementation of the autonomous Runet project. Secretary of the Security Council Nikolai Patrushev said that Russia will not disconnect from the world Internet, and the law is a necessary measure due to the danger of disconnecting Russia from the Internet from the outside.[32]

Ex-head of Nokia in Russia began to oversee the introduction of systems for the "sovereign Runet"

On September 26, 2019, it became known that Rashid Ismailov headed the Data - Processing and Automation Center (DTSOA) company,  which will introduce traffic filtering systems within the framework of the law on "sovereign runet."

According to RBC, citing its sources, the pilot project is taking place in the Urals - by the end of 2019, the structure of Roskomnadzor plans to cover with traffic filtering systems (Deep Packet Inspection; DPI) the entire federal district. DTSOA is engaged in the supply and implementation of technology on the networks of all operators, and the equipment is supplied by RDP.RU (15% owned by Rostelecom).

Rashid Ismailov

The EcoNATDPI device is expected to be used. It will allow you to filter traffic and resolve the issue with a lack of IPv4 addresses. The pilot project involves Rostelecom, MTS, MegaFon, VimpelCom, ER-Telecom Holding and Yekaterinburg-2000. Testing mainly affects home Internet users. Simultaneously with the installation of DPI on operator networks, a backup operation scheme is provided - the Bypass mechanism. The costs of implementing the pilot are financed from the budget of the GRCC, the interlocutors of the publication specified.

According to RBC, the equipment is already standing in Yekaterinburg, it is also installed in Chelyabinsk, Tyumen, Magnitogorsk and other cities.

The source says that in those cities where DPI is already installed, it is included for limited time periods: "This is testing - they turn on, observe, then turn off. They try to make sure that all this goes through unnoticed by users "

File:Aquote1.png
After the delivery of the pilot, they will assess how "toxic" it was for users, that is , whether it affected the service, as well as whether everything from the register of banned sites of Roskomnadzor was blocked and whether something superfluous was blocked , - said the participant in the pilot project.[33]
File:Aquote2.png

The head of Roskomnadzor Alexander Zharov spoke about the installation of equipment for the "sovereign Internet" of Russia

On September 24, 2019, the head of Roskomnadzor, Alexander Zharov, spoke about the installation of equipment for the "sovereign Internet" of Russia.

File:Aquote1.png
We [together with telecom operators] will test it for several weeks from the end of September... We will first conduct a technical check: it affects traffic, does not affect traffic, whether all services work successfully. And then we will test it in combat mode. While everything is going fine, when the experiment is completed, I will tell you about the results, "he said.
File:Aquote2.png

The experiment will take place in one of the regions until mid-October 2019, Interfax reports.

Roskomnadzor began installing equipment for the isolation of Runet

Alexander Zharov noted that testing will be carried out on the equipment of one manufacturer, which has completely passed bench tests. By September 24, 2019, they are being tested together with two other vendors, he added. According to the head of Roskomnadzor, there are "РДП.ру" among them.

Earlier, Vedomosti wrote that when testing the blocking of the Telegram messenger, it was the development of the RDP.RU company that was recognized as the most effective.

In addition to Roskomnadzor, the FSB and the FSO are involved in checking the devices. Zharov also said that work on the creation of a public communication network monitoring and management center is proceeding as planned.

The cost of equipment necessary to isolate Runet in the event of a threat, Alexander Zharov did not specify. He asked to wait for the completion of the experiment, to conduct it at several levels of installation on the networks of telecom operators.

File:Aquote1.png
After that, we will calculate and, of course, show up for money, we  will not hide this from you either, ― he promised.
File:Aquote2.png

Earlier, the fact of participation in testing solutions to implement the requirements of the law on "autonomous Runet" was confirmed by the vice president MTS for technology and information technology. Andrey Ushatsky The test zone for testing is organized on the operator's network in the Urals, he specified.[34]

In case of threats to the functioning of the Runet, Roskomnadzor will take control of it. Discussion of documents started

On May 24, 2019, it became known that Ministry of Digital Development, Communications and Mass Media it posted two documents on the Federal Portal of draft regulatory legal acts, which formulate the types of threats to, RuNet methods of countering them and approve the provision on conducting exercises to ensure the sustainable functioning of the Russian segment, Internet reports "."Roskomsvoboda

In the first of the documents, communications "On the approval of the procedure for centralized management of a public network," three threats are identified: the integrity, stability and security of the Runet. When they come, the management of the Russian segment of the network takes over. Roskomnadzor

The threat to integrity is described as a situation in which domestic users, due to external influences, will not be able to establish a connection with each other. The threat of stability suggests that due to breakdown, large-scale natural or man-made disasters, the operation of equipment is partially disrupted. A security threat is an attempt to hack into providers' equipment and a "destabilizing internal or external information impact." In the future, the list can be expanded. The threats will be determined by the Ministry of Telecom and Mass Communications in agreement with the FSB.

Roskomsvoboda emphasizes that, according to the document, Roskomnadzor will be able to unilaterally decide how relevant the threats are and whether it is worth switching to the mode of centralized management of the Runet, and "in case of an urgent response" this will be done without notifying providers. Isolation of the Russian segment of the World Wide Web is possible if the danger of a threat and the likelihood of its occurrence are assessed as high.

In the second document, "Regulation on the conduct of exercises," a definition of exercises is given and the procedure for their conduct is prescribed. Thus, the exercises are "a set of organizational, technical and tactical measures aimed at fulfilling training tasks by participants in the exercises in a specific situation of threats to the integrity, stability and safety of functioning on the territory of the Russian Federation of the Internet and the public communication network." They are held at the regional and federal levels.

Among the participants are "telecom operators, owners or other owners of technological communication networks, owners or other owners of traffic exchange points, owners or other owners of communication lines crossing the State Border of the Russian Federation, other persons if such persons have an autonomous system number," as well as various departments, including the Ministry of Communications, FSB, FSO and the Ministry of Defense.

Among the tasks of these measures are the definition and practical implementation of measures to identify threats to Runet with the clarification of models of these threats, updating norms aimed at ensuring stability, training in the use of techniques for ensuring stability, research and improvement of techniques and methods for ensuring the protection of Runet.

Within a month after the completion of the exercises, the Center for Monitoring and Management of the Public Communications Network should, together with the federal executive authorities, analyze the collected information and prepare a conclusion that will be approved by the Ministry of Telecom and Mass Communications in coordination with the Ministry of Defense of the Russian Federation, the FSB and the FSO. This document will contain recommendations for improving the information security, integrity and stability of the functioning of the Runet and the public communication network in Russia and a list of measures necessary for taking.

The public discussion of both documents will last until July 13[35] to[36].

Putin signed a law on the sovereign Runet

On May 3, 2019, it became known that President RFVladimir Putin signed the so-called law on the isolation of the Runet, designed to ensure the stable operation of the Russian segment of the Internet in the event of a disconnection from the World Wide Web or coordinated attacks.

According to the provisions of the law, in the event of threats to the stable, safe and holistic operation of the Runet on the territory of the Russian Federation and the public communications network, Roskomnadzor will be able to carry out centralized traffic management in accordance with the procedure established by the Russian government. At the same time, the Cabinet of Ministers will approve the procedure for such management, determine the types of threats and measures to eliminate them.

In addition, the government will determine "cases of managing technical means of countering threats and transferring mandatory instructions," as well as determine the conditions and cases in which telecom operators will have the right not to direct traffic through technical means of countering threats. Such funds will be provided by Roskomnadzor.

Operators who have installed such technical means are exempted from the obligation to restrict access to sites with prohibited information. According to the current legislation, they must block such content themselves.

The law also provides for the creation of a national domain name system. The procedure for its creation, requirements for it and the rules for its use will be established by Roskomnadzor. The agency will also establish a list of domain name groups that make up the Russian national domain zone. Coordinate the formation of domain names will be a non-profit organization, one of the founders of which will be the Russian Federation.

The law will enter into force on November 1, 2019, with the exception of a number of provisions, in particular cryptographic to protection on the national domain name system, which will take effect on January 1, 2021 [37]

The bill on the "autonomous Runet" was approved in the second reading

On March 12, 2019, it became known that the State Duma adopted in the second reading a bill on the safe and sustainable operation of the Runet.

The document is aimed at protecting the sustainable operation of the Internet in Russia in the event of a threat to its functioning from abroad. The project, in particular, provides for the creation of a public communication network monitoring and management center under Roskomnadzor, which will ensure the availability of communication services in the Russian Federation in any "extraordinary" situations, as well as coordinate the efforts of operators in such situations. The head of the State Duma Committee on Information Policy Leonid Levin previously said that by amendments to the second reading, the entry into force of the Runet law was postponed to November 2019, with the exception of the provisions cryptographic information protection on the and national domain system of names, which will come into force on January 1, 2021.

In addition, according to the amendments, information from government agencies and state-owned enterprises on the Internet will be additionally protected by encryption, and telecom operators will be exempted from the obligation to restrict access to sites with prohibited data if they establish technical means to counter threats.

At the same time, Roskomnadzor will be obliged to respond to requests from telecom operators about whether the Internet failures were caused by the work of technical means to counter threats[38].

The bill on the "autonomous Runet" was approved in the first reading

On February 12, 2019, it became known that the State Duma approved in the first reading the bill on the autonomous Runet, developed by deputy Andrei Lugov senators Lyudmila Bokova and Andrei Klishas.

The document in the form of amendments to the laws "On Communications" and "On Information, Information Technologies and Information Protection" provides for the empowerment of Roskomnadzor to control Internet traffic.

"For" the adoption of the bill voted 334 deputies, "against" - 47. State Duma Speaker Vyacheslav Volodin said that the bill should be finalized for the second reading, and its discussion should be organized more effectively with the participation of the Government, the Ministry of Telecom and Mass Communications, business circles and the business community.

The document introduces the concept of an autonomous Internet system - an identifier of a set of communication means and other technical means on the Internet that have a single routing policy. In fact, we are talking about an organization that owns its own IP pool. The document also provides for the presentation of requirements for the owners of technological communication networks.

The bill was supported by the Ministry of Communications, Roskomnadzor, Rossvyaz, the FSB and FSTEC (Federal Service for Technical and Export Control). In the industry, the document caused a contradictory reaction. It was opposed by the Russian Union of Industrialists and Entrepreneurs (RSPP), VimpelCom, MTS, Megafon and Yandex.

The company's data indicate that although the installation of equipment to counter technical threats will be carried out free of charge, operators will still incur the cost of supporting it. In addition, it is not clear how to determine whether a certain failure in the communication network was caused by the operation of this equipment or not.

At the same time, the bill was supported by Rostelecom and VK (formerly Mail.ru Group).

The requirements for the installation of specialized equipment by telecom operators should be based on the principle of non-deterioration of technological capabilities for the provision of communication services. The Government also noted that installing specialized equipment for telecom operators, creating a center for monitoring and managing communication networks and conducting exercises will require budgetary funds.

In turn, the Accounts Chamber sent a negative response to the bill. Auditors also indicated that its implementation would require budgetary funds. In addition, the implementation of the bill may lead to an increase in tariffs for communication services, which again will lead to an increase in expenses at all levels[39]

2018: Bill on "sovereign internet" submitted to the State Duma

On December 14, 2018, it became known that a bill was submitted to the State Duma aimed at protecting the Russian segment of the Internet from cyber attacks. The document was developed by deputy Andrei Lugovoi and senators Lyudmila Bokova and Andrei Klinshas.

The bill in the form of amendments to the laws "On Communications" and "On Communications, Information Technologies and Information Protection" provides Roskomnadzor with serious powers to control Internet traffic and the activities of Internet providers.

The bill introduces the concept of the number of an autonomous Internet system - a unique identifier of a set of means of communication and other technical means on the Internet that have a single routing policy. In fact, we are talking about an organization that owns its own pool of IP addresses.

Responsibilities for Internet Traffic Point Owners

The concept of an Internet traffic exchange point (Internet Exchange, IX) is also introduced - communication facilities and a set of means of communication, using which their owner or owner ensures the connection and passage of traffic between communication networks of telecom operators, the owner of technological communication networks and autonomous systems.

IX owners will have to notify Roskomnadzor of their activities and fulfill its requirements for the uninterrupted operation of communications. IX will be able to connect only Internet providers and owners of autonomous systems that comply with the requirements for SORM (System of operational-search measures designed to intercept subscriber traffic by special services) imposed on telecom operators and organizers of information dissemination on the Internet (ARI).

Responsibilities for Cross-Border Trunk Channel Owners

Owners of cross-border trunk channels will also have to notify Roskomnadzor of their work and report data on the technical means they use to route traffic.

Owners of technological communication networks and autonomous networks will have to comply with the requirements for filtering Internet sites prohibited in Russia (now these requirements must be fulfilled only by telecom operators) and provide connection to SORM.

Internet providers will entrust the protection of their networks and traffic management to Rsokomnadzor

Internet providers will have to install "technical means of countering threats" that Roskomnadzor will choose. The telecom operator must inform Roskomnadzor about the fact of installing such means within three days.

If you install protection against attacks, the ISP will no longer have to independently comply with the requirements for filtering prohibited Internet sites. Also, the provider will not have to be responsible for failures in the work of such funds.

Providers, owners of technological communication networks and autonomous networks will have to comply with the rules for routing Internet traffic established by Roskomnadzor and the adjustments made to them. In the event of a threat to the Russian segment of the Internet, Roskomnadzor may take over the functions of centralized Internet traffic management.

In addition, providers, owners of technological communication networks and autonomous networks will have to exchange traffic only through exchange points entered into the corresponding register of Roskomnadzor. Also, the requirements of the specified department for the uninterrupted functioning of communication facilities that ensure the exchange of traffic with other telecom operators will have to be met.

Another requirement is that telecom operators, organizers of the dissemination of information on the Internet, owners of technological communication networks and autonomous systems to perform the functions of resolving the correspondence of domain names to IP addresses (system) DNS will be able to use only software and hardware approved by Roskomnadzor.

In addition, these persons will have to participate in the exercises conducted by the authorities to protect against cyber threats.

Also, providers, owners of technological communication networks and autonomous systems will have to inform Roskomnadzor of the following information:

  • What cross-border backbone links they use, what telecommunication routing techniques they use on those links, and where they connect to them;
  • where on the territory of foreign countries there is a connection to their networks;
  • which autonomous systems they own and which include IP addresses;
  • what telecommunication message routes, DNS tools are used, and what are infrastructure the communication networks.

National Domain Zones and National DNS

Another point of the bill involves the creation by Roskomnadzor of a national domain name system. Obviously, the domain zones.Ru and.RF will fall into these systems. Roskomnadzor will also create a national system for resolving the correspondence of domain names to IP addresses (DNS).

As of December 2018, the administrator of the.Ru and.RF domain zones is the non-profit organization Coordination Center of the National Internet Domain (CC). The functions of the technical operator of domain zones are performed by the Technical Center for the Internet (TCI): until the beginning of 2018, he was a subsidiary of the CC, and now he has become a subsidiary of Rostelecom.

Another requirement of the bill is that the owners of state and municipal information and information systems of state-owned companies should not use databases and technical means located abroad.

Response to Donald Trump

The authors of the bill call it a response USA Donald Trump (Donald Trump) to the strategy recently adopted by the President, cyber security which Russian parliamentarians call "aggressive." The document Russia is accused of implementation cyber attacks against the United States and international companies, in connection with which it is necessary to take measures to ensure long-term and sustainable work in. Internet Russia

How the Ministry of Telecom and Mass Communications wanted to write a similar bill

The current bill resembles a bill on critical Internet infrastructure developed by the Ministry of Communications two years ago under the leadership of Deputy Minister of Communications Aleksei Sokolov.

Then it was about the creation of the state information system (GIS) "Internet," which would include traffic exchange points, cross-border trunk channels and autonomous systems.

Since then, the bill has been modified and offered additional restrictions. So, it was decided to oblige Internet providers to pass traffic only through IX, entered into the GIS "Internet." Then it was supposed to prohibit foreigners from owning more than 20% in the authorized capital of IX.

The bill "On Critical Internet Infrastructure" caused several criticisms of the Ministry of Economic Development and was not approved by the government. At the same time, the Information Security section of the Digital Economy program involves various measures to create GIS Internet, which Rostelecom will deal with. The costs of the relevant measures will amount to about 2 billion rubles.

Market participants sharply criticize the document

File:Aquote1.png
It is not clear at whose expense Internet providers will install the technical means selected by Roskomnadzor. If for your own, then this will lead to an increase in subscriber tariffs. All information, the collection of which, according to the bill, should be carried out by Roskomnadzor, is already in open sources. The IP protocol is designed in such a way that traffic is transmitted along the optimal route, and not along the one that Roskomnadzor chooses. Trying to manage "black lists" on the Internet, Roskomnadzor has already allowed "holes" in its systems. Managing all traffic by means of Roskomnadzor will lead to the opposite result, as the authors of the bill declare: the risks of complete network inoperability and leaks via the BGP protocol, which is used to route Internet traffic.
File:Aquote2.png

The CC, VimpelCom, MTS and Roskomnadzor declined to comment. The representative of Rostelecom limited himself to commenting that the company is studying this bill[40].

2017: Plan to consolidate the legal status of the Russian segment of the Internet

During the meeting of the Government Commission on the Use of Information Technologies, which took place at the end of December 2017, a plan was approved to amend the federal law of 07.07.2003 No. 126-FZ "On Communications" within the framework of the state program "Digital Economy." Legislative innovations are designed, in particular, to consolidate the legal status of the Russian segment of the Internet, its infrastructure and the procedure for its functioning.

Runet will be regulated in the law "On Communications"

It is assumed that the consolidation of the legal status of the Runet, in turn, will allow: to ensure the integrity, stability and security of the functioning of the Russian segment of the Internet; determine the powers of federal executive bodies to block illegal content; introduce the concept of a state information system for ensuring the integrity, stability and security of the functioning of the Russian segment of the Internet, as well as a conceptual apparatus of terms and definitions of information security in a digital economy.

The development of the relevant changes is scheduled for February-March 2018, it will be dealt with by the Ministry of Communications and Communications of the Russian Federation. The estimated time for the adoption of the law by the State Duma is December 2018. Experts indicate that the discussion of this project has been ongoing since 2016.[41]

File:Aquote1.png
The key innovation here is the approval of the legal status of the Runet, - said Dmitry Gvozdev, General Director of Information Technologies of the Future. - That is, it is assumed that now the Russian segment of the World Wide Web will be legally considered as a separate entity regulated by Russian regulations. The adoption of such a law may indicate both an attempt to systematize legislation in the field of the Internet at a new stage, and the first steps towards highlighting the national segment in order to strictly administer it. Otherwise, the changes appear likely to be substantial, but not fundamental. For example, the powers of federal executive bodies to block illegal content have long been determined.
File:Aquote2.png

Notes

  1. Russia is creating its own Internet infrastructure. Now to check IP address routing
  2. RKN weaves new networks: the service will update the site blocking system for 59 billion rubles
  3. No. 216-FZ On Amendments to the Federal Law "On Information, information technologies and information protection "and certain legislative acts of the Russian Federation
  4. Roskomnadzor after the failure of the zone.ru changes the order of operation of the "sovereign Runet"
  5. ILV will divide operators into primary and secondary due to Runet stability exercises
  6. All communication nodes in Russia are 100% equipped with means to counter threats
  7. Providers pressed the host
  8. Monitoring of Information Technology and Telecommunications Legislation for August 2023
  9. On Amendments to the Federal Law "On Communications"
  10. Traffic is to blame: providers who do not connect to the "sovereign Internet" will face fines
  11. and media/05/07/2023/64a569439a794106d06262b In Russia, the stability of the Runet was checked in case it was disconnected from the outside
  12. To combat DDoS attacks, they will create a system based on the "sovereign Runet
  13. The authorities estimated the provision of the "sovereign Runet" at ₽31 billion
  14. . [https://www.kommersant.ru/doc/4763212 Independence failures Traffic lost in the equipment of the "sovereign Runet"]}}
  15. The enemy will be defeated, the victory will be for the bank. Central Bank for the first time conducted remote anti-hacker exercises
  16. Medvedev announced the technical readiness of the Russian Federation to disconnect from the global network
  17. The State Duma proposes to fine for violation of the requirements for sustainable Runet
  18. The Ministry of Digital Development will prepare a new plan for exercises on the stability of the Runet
  19. Providers were pumped up with "sovereign Internet." Authorities demand installation of traffic filtering equipment
  20. Roskomnadzor is behind the schedule for the creation of a "sovereign Runet"
  21. and media/20/03/2020/5e7456be9a7947247c8bf391 Ministry of Communications postponed exercises on the "sovereign Runet" due to coronavirus
  22. Equipment for the "sovereign Runet" is modernized at the expense of the state
  23. Operators reported on the results of testing the "sovereign Runet"
  24. The authorities are looking for a way to defeat Internet protocols that are not afraid of blocking Roskomnadzor
  25. The Ministry of Telecom and Mass Communications summed up the results of the first exercises under the law on "sovereign runet"
  26. The exercises on the sovereign runet revealed the vulnerability of cellular networks
  27. , Beeline, MTS, Megafon and Kaspersky Lab participate in the exercises of the sovereign Runet.
  28. Fines will disperse the clouds
  29. Operators asked to amend the law "on the sovereign Runet"
  30. The government has identified threats to the sustainable Runet
  31. Filter content
  32. Resolution of the Government of the Russian Federation of 12.10.2019 No. 1316 "On Approval of the Regulation on Conducting Exercises to Ensure Sustainable, Safe and Integral Functioning of the Internet Information and Telecommunication Network and Public Communications Network in the Russian Federation"
  33. and media/26/09/2019/5d8b4c1c9a7947d3c58f9a48 The ex-head of Nokia in Russia will implement the systems of the "sovereign Runet"
  34. Roskomnadzor spoke about the installation of equipment for the insulation of Runet
  35. [https://www.cableman.ru/content/minkomsvyaz-opredelila-ugrozy-dlya-runeta-i-poryadok-uchenii , the Ministry of Telecom and Mass Communications determined the threats
  36. the Runet and the procedure for the exercises]
  37. [https://www.securitylab.ru/news/498984.php Putin signed the law on the sovereign Runet More: https://www.securitylab.ru/news/498984.php].
  38. The State Duma adopted in the second reading a bill on the sustainable operation of the Runet
  39. Servants of the people approved the creation of an "autonomous Runet" in Russia.
  40. A law on a fully autonomous Runet has been submitted to the State Duma
  41. Approved action plan in the direction of "Information Security" of the program "Digital Economy of the Russian Federation"