What is the updated Russian cyber-security doctrine about?
According to the new Russian information security doctrine, signed by President Vladimir Putin on Dec. 6, one of the main threats to Russia is "the increase in opportunities that a series of foreign countries has to influence Russia's information infrastructure for military purposes."
The document was published on Russia’s official internet site for legal information. The doctrine, which was developed by the Russian Security Council, immediately goes into effect.
The new doctrine also claims that foreign special services and leaders exercise informational and psychological influence over other countries with the aim of destabilizing the domestic political situation in Russia.
Russia's government has paid special attention to countering new “Twitter revolutions,” those similar to the ones that occurred in the Middle East in the beginning of the decade, according to a cyber-security expert. Source: Kremlin.Ru
The document places a particular accent on the work of foreign mass media and its impact on Russians, primarily on the country’s youth. The aim of this influence is to erode cultural and spiritual values, to undermine moral principles, historical foundations and patriotic traditions, notes the document.
One of the main purposes of cyber-security, according to the doctrine's authors, is the "strategic deterrence and prevention of military conflicts, which can result from the use of information technologies."
Evaluating the doctrine
"In its current form the doctrine better outlines the threats to Russia's military-technological security. For example, it emphasizes protection from targeted cyber-operations conducted by foreign special services, as well as the fight against foreign reconnaissance activity in Russia," said Oleg Demidov, a cyber-security expert from the PIR Center, a Moscow-based independent think tank.
In his words, Russia's government has paid special attention to countering new “Twitter revolutions,” those similar to the ones that occurred in the Middle East in the beginning of the decade.
"The Arab Spring demonstrated that Facebook, Twitter and other instant messaging services allow a lot of content that threatens social and political stability. The main thing is that we don't have an effective model for blocking such processes," said Demidov.
What has been lost?
In Demidov's view, the new doctrine contains three systemic problems.
Firstly, the role of the key operator in the critical information infrastructure – the private sector – is unclear. "Usually, companies such as Kaspersky Lab, Infowatch, Group-IB and many others protect Russian state structures from Internet attacks. Business must be a priority in this doctrine," he explained.
Secondly, it is necessary to increase the level of international interactivity with the SCO (Shanghai Cooperation Organization) and CSTO (Collective Security Treaty Organization) countries, as well as with Russia's other allies.
Finally, it is necessary to make sure that there is practical interactivity between national and sectoral centers that react to threats. In Russia such centers exist on the federal level (FSB), the sectoral level (attached to the Central Bank) and on the private level.
"It is necessary to conduct more joint exercises and 'practice' scenarios with large international cyberattacks that can simultaneously undermine the work of several state services," said Demidov.
The turning point
The doctrine is not a normative act and does not have direct effect. It just creates a skeleton and foundation for developing further documents and bills.
For example, Demidov noted, it will help adopt the basic bill on critical information infrastructure: "Its last version, which the FSB developed in 2013, is lying somewhere in the backyard. The legislative holes can now be covered,” he said.
Russia has drastically changed its view on cyber-security after 2010, when American and Israeli special services struck Iran's nuclear facilities in the course of Operation Stuxnet, said editor-in-chief of National Defense magazine Igor Korotchenko.
"As a result of the external influence, the country's uranium enrichment centrifuges entered a critical state and broke down en masse," said Korotchenko.
In Korotchenko's words, this attack threw back Iran's nuclear development by eight years.
On Dec. 2 the FSB announced that attacks on Russia's banking sector that it claims would be carried out by Western special services were imminent, though only one such attack has so far been detected.