THE Russian government plans to turn off direct connections to all internet routers outside its borders. The exercise, which is unlikely to last for more than a day or two, is supposed to allow Moscow to test its defenses against outside cyberattack. The shutdown does not in fact mean that Russians will suddenly find themselves unable to access servers around the world, but rather than they will reach those sites through routers set up in Russia.
There are in fact 12 international routers, none sited in Russia, which handle the huge daily flows along links to billions of different addresses. These dozen routers are the official “post offices” for the Domain Name System (DNS) upon which the entire internet relies. But the address information held in those “post offices” has been cloned by the likes of Russia and China. Beijing uses its clone of the DNS to block out the postboxes of sites that contain anything critical of its policies, including its treatment of the Uighur and Tibetans.
Moscow, however, says that its own DNS exercise is to test the resilience of its domestic internet in the event that its access to the core 12 international “post offices” is shut down. But there is also likely to be a sneakier reason for the move. The Russians, along with the authorities in most developed economies, assume their systems have been penetrated by cyber-spies. A classic operation involves planting a piece of software in a targeted system and having the bug report back regularly on what it is seeing. If that bug’s direct link to its cyber-master’s server was suddenly cut off, it would be like turning on all the lights in a pitch back room and discovering a startled mouse quivering in the middle of the floor.
Yet the fact that Moscow has announced that it will probably — the shutdown is not yet a certainty — be doing it before April would at first seem strange. All foreign intelligence organizations that reckon they have planted useful bugs to monitor Russian targets now have to take some sort of evasive action. At the minimum they might send code to turn off the software. Yet this very act of deactivation could be spotted by Russian cybersecurity experts. Moscow would then decide whether to use the spying bug to feed back inaccurate information or to zap it straight away.
Intelligence was ever a game of smoke and mirrors but it comes no smokier nor full of false reflections than in the world of cyber-spies. Some of the best security brains around the world are now be trying to figure out how to handle Moscow’s announcement. China uses the internet to monitor and control internal dissent. Russia is far more interested in its ability to prevent external threats. And they should know. According to some US and European investigators, the Russians themselves have established extraordinarily effective online intrusions into many key systems in the West. If so, they will probably appreciate the extent of their own vulnerability.
But Russians are inveterate chess players. Whatever their shutdown plans turn out to be, they are sure to have thought several moves ahead.
Meanwhile for ordinary Russians, who might perhaps find their internet access and social media feeds disrupted, there is always the option of talking to someone, you know, like, face-to-face, or even reading a book.