Russia to Launch National System to Protect Against Foreign DDoS Attacks

By Riley ThompsonTechnology News

Russia to Develop National Protection System Against Foreign DDoS Attacks

Roskomnadzor, Russia’s federal communications regulator, is planning to create a national system to protect Russian online resources from DDoS attacks originating abroad. According to Forbes, this information was confirmed by a source close to Roskomnadzor and another source close to the Presidential Administration. The new system could be launched as early as fall 2022, by which time the agency intends to upgrade its Deep Packet Inspection (DPI) equipment, which is currently used to enforce the sovereign internet law. Roskomnadzor is currently discussing project details with the equipment supplier.

A source in the Presidential Administration noted that in the first days of the “operation” in Ukraine, it became clear that the IT infrastructure was not prepared for cyberattacks—even the Kremlin’s website temporarily went offline. As a result, authorities are now considering various ways to protect against “external threats at the national level.”

The equipment for the “sovereign Runet” operates using DPI technology, which inspects internet traffic and decides whether to allow or block it. This equipment already includes some DDoS protection, according to a Forbes source. However, the Main Radio Frequency Center (GRChTs), which reports to Roskomnadzor, has so far developed only a few sample attack types for the equipment to detect, making it difficult to provide comprehensive protection.

Infrastructure Upgrades and Challenges

In addition to creating a DDoS protection system, Roskomnadzor plans to modernize the infrastructure for the sovereign internet by increasing the bandwidth capacity of DPI equipment, according to a source close to a mobile operator and another source close to the agency. The main goal of this upgrade is to allow the equipment to store more signatures for identifying traffic from blocked resources. This technology has already been used by Roskomnadzor to slow down Twitter and block access to Facebook and Instagram (both social networks belong to Meta, which is recognized as extremist and banned in Russia).

Currently, the equipment can filter up to 100 GB of traffic per second simultaneously, but Roskomnadzor wants to increase this capacity several times over. However, the agency does not want to invest additional funds in upgrading the equipment and hopes to obtain it “within the framework of existing contracts.” Due to sanctions and logistical issues, the cost of producing such equipment has increased by about 40%.

Expert Opinions and Political Implications

Experts believe that the so-called Technical Means of Countering Threats (TSPU), which telecom operators are required to install under the “sovereign Runet” law, are used not so much to protect the Russian segment of the internet from external threats, but rather for off-registry blocking of internet resources, including for political purposes. There have been attempts, sometimes successful, to block not only websites and apps but also internet protocols and services that help bypass blocks. The most notable event in this context was the restriction of access to Tor.

  • Other channels and partners available

Leave a Reply