“The law of the pendulum will work”: experts have clarified the consequences of Russia’s disconnection from global software

Last Tuesday, Yemen’s Houthi rebels cut an undersea cable in the Red Sea. Hong Kong provider HGC was the first to report the sabotage. 25% of the world’s Internet users have lost connection to the Internet. A large-scale failure was noted by users of YouTube, TikTok, Snapchat, WhatsApp, Telegram and other services. How real are the threats of “global sabotage”, isolation of the Runet from global software, what are the economic consequences of downtime and mass leakage of data from ordinary users, domestic IT experts looked into it.

As Alexander Matveev, Director of the Center for Monitoring and Countering Cyber ​​Threats IZ:SOC of Informzashchita, said at the press center of the National News Service, in recent years the availability of Internet resources has increased, the number of users has increased, and, as a result, the load on servers has increased, which is why short-term disruptions have become more frequent. Also, the cause of downtime can be massive cyber attacks on individuals.

In turn, Evgeniy Baklushin, deputy director of the UCSB Analytical Center, emphasized that the media status of the individual being attacked does not matter.

“It makes no difference to hackers whether you are a blogger or not. According to numerous studies, the portrait of a typical victim of a DDoS attack is a man or woman aged 30-35 years, an active Internet user. It is worth emphasizing that the number of such users is now growing, since they spend more and more time on social networks in connection with work, and not just for leisure. Access to government services via smartphones is simplified. Also, after the pandemic, the “Internet of Things” is rapidly developing, numerous delivery services are another channel for data leakage,” shared Baklushin.

Alexander Matveev and Evgeny Baklushin noted that Internet failures cause significant impacts not only on ordinary users, but also on critical government sectors.

“Losses can be both operational and financial. Financial losses are usually related to some services. If this or that functionality of instant messengers and those that have been disconnected from the Internet has become inaccessible to users, employees of organizations, naturally, it will be simple. Failures of the global Network lead to increased downtime, financial and reputational losses, and various processes are disrupted,” Matveev explained.

“Let’s not forget that, in addition to users, we have Federal Law No. 187-FZ and 14 critical areas of activity for the state. For example, just two years ago, an Internet outage or a hacker attack affected the functionality of a large metallurgical enterprise. During the shutdown of this enterprise due to disruption of the Internet, losses amounted to hundreds of millions of dollars,” Baklushin added.

The culmination of the discussion was the question of the possibility of global sabotage of domestic software in light of the events that occurred on March 5 in the Red Sea. As Alexander Matveev stated, self-isolation of the Runet and disconnection of Russia from global software is technically possible.

“There is such a tool as Deep Packet Inspection – a technology for checking network packets by their content in order to regulate and filter traffic, as well as accumulate statistical data. Gateways are placed between point A and point B of an Internet provider and allow you to monitor traffic and block certain providers based on the type of traffic. If this tool is installed at key points that separate us from the external Internet space, then at some point a certain switch can actually be turned on. In particular, there are suspicions that some of the recent failures were partly related to the reconfiguration of this equipment. Russia has both the resources and technologies for this,” concluded the Informzashita representative.

“Russia’s disconnection from global software will have negative consequences. Currently, we are seeing a trend towards segmentation and decentralization of the Internet. It is quite possible that in the near future the BRICS sector will operate separately from the sector of unfriendly Western partners. However, no one has canceled the “law of the pendulum”, and it swings in both directions, so “cutting out” Russia from the World Wide Web will also have a negative impact on those who are capable of provoking it,” the founder of LiveInternet supported his colleague.

Among the pessimistic forecasts was the growing trend of data leaks, including due to the increase in the number of users of delivery services. However, according to German Klimenko, digital illiteracy of ordinary users is a much more serious problem than the shortcomings of the security services of Ozon or Wildberries.

“Now the volume of data has begun to grow, including financial data. It seems to me that the number of data leaks is directly proportional to the growth in the volume of this data. The level of lack of education of our citizens is astonishing. 95% of Russians had the password “1234” and it remains so. It’s one thing when a food delivery database leaks, it’s another thing when Sberbank data leaks. Both are generally not fatal. There are serious problems, but, I repeat, the level of leaks is determined by the growth of data and the illiteracy of our citizens,” Klimenko concluded.

Among the effective options for countering cyber threats, the expert included forced double authorization during the registration process for services that require the placement of personal data, coordination of representatives of the IT industry with government agencies capable of implementing effective laws in the field of cybersecurity, increasing the level of digital literacy of ordinary users, inventing complex passwords, studying and resolving issues related to anonymity and data control on the network.

“The main risk comes not from the originals, but from clones of applications, links to payment via instant messengers, QR codes with viruses. Unfortunately, the apps that top the rankings in terms of user requests are truly unsafe, as they can provide services through malicious software. A guaranteed way to counter this threat may be to use proven VPN services or install your own, but the latter option is technically difficult for ordinary users. As for countering cyber threats at the level of companies, rather than individuals, the primary component here is the process component: the adoption of appropriate organizational measures and regular monitoring of changes in the network infrastructure,” Alexander Matveev summed up the discussion.