The United States plans to start regularly sharing cybersecurity information with Russia as part of the Obama administration’s efforts to re-establish closer ties to that country and clear up misconceptions surrounding the two nations’ cyber policies.

Cybersecurity officials from both countries met last month to discuss policy coordination at a Russian delegation in Washington led by Russian National Security Council Deputy Secretary Nikolay Klimashin, according to a White House blog post by U.S. Cybersecurity Coordinator Howard Schmidt.

“Both the U.S. and Russia are committed to tackling common cybersecurity threats while at the same time reducing the chances a misunderstood incident could negatively affect our relationship,” he said.
Misunderstood incidents may include attacks on U.S. government infrastructure and networks by Russian hackers, who have raised their threat profile significantly in the last several years. The recent attacks on networks either owned by or containing information related to the federal government by Anonymous, LulzSec, and AntiSec hactivist groups have shed new light on this risk.

…

For full original article, see here

(Reuters) – BlackBerry maker Research In Motion said Russia could help development of new technologies by finding a balance between state security and innovation.

Co-chief executive Jim Balsillie said on Monday the Canadian company had “ambitious plans” in Russia and offered President Dmitry Medvedev — an avid user of Apple’s iPad — a new Blackberry tablet at a meeting on developing new technology.

RIM, whose BlackBerry products are used by executives and politicians including U.S. President Barack Obama, has faced demands from countries such as India and Saudi Arabia to give authorities access to its encrypted communications services.

Speaking to reporters before the Medvedev meeting, Balsillie said: “A very important (question) for Russia is how do they balance the need for letting innovative things happen, but managing state security.

Many countries grapple with this around the world,” he said, adding a balance was needed that “allows innovation to happen, but still state security to be looked after”.

India this year demanded full access to BlackBerry services as part of efforts to fight militancy and security threats over the internet and through telephone communications.

RIM said in January it has given India the means to access its Messenger service but reiterated no changes could be made to allow the monitoring of secure corporate emails.

RIM encrypts email messages as they travel between a BlackBerry device and a computer known as BlackBerry Enterprise Server. The company has said it does not have a master key to decode these emails and only the sponsoring business or organization has the technical capability to grant access to encrypted enterprise email.

BLACKBERRY IN RUSSIA

Russia’s two biggest carriers began offering BlackBerry services in late 2007, after years of negotiations between RIM and the Federal Security Service (FSB) that did not involve handing over encryption codes.

The FSB domestic spy service called earlier this month for access to encrypted communication providers like Gmail, Hotmail and Skype, saying uncontrolled use of such services could threaten national security.

Russia’s communications minister, Igor Shchyogolev, told Reuters ahead of Medvedev’s meeting the government wanted international companies like RIM to be present on the Russian market, offering “the most up-to-date technologies”.

“If there are some network security demands, and they exist globally, we need to seek compromise to provide security and at the same time not to set up barriers for companies,” he said.

Balsillie said Russia was still a relatively small market for RIM meaning it had “extremely ambitious plans to sell Blackberry in Russia, invest in R&D, (and) also to invest in start-ups”.

On Wednesday April 27, the EastWest Institute and the Information Security Institute released the first joint Russian-American report to define critical terms for cyber and information security.

Prepared by a team of Russian and U.S. experts convened by EWI, Critical Terminology Foundations presents twenty terms – the basis for an international cyber taxonomy.

“It may seem like a small step, but Russians and Americans have never before sat down and really agreed on the terms that are the prerequisite for rules of the road for cyber conflict,” says EWI Chief Technology Officer Karl Rauscher who led the process with Valery Yaschenko, Director of the Information Security Institute at Moscow State University. “Defining terms together is the first step for creating international cybersecurity agreements.”

According to experts on the team, several bodies have sponsored efforts to create a U.S.-Russian cyber glossary for over a decade, but they stalled out on the definition of an essential first term: cybersecurity itself. Unlike Americans, Russians saw cybersecurity as an inextricable part of a larger discussion on information security. In the EWI-led process, the group resolved this difference by consciously addressing “cyber” as a crucial subset of “information.”

Conducting analysis of usage and needs, engaging in rigorous discussion and consulting existing lexicons, the group went on to define terms ranging from cyberspace to cyber exploitation, then rendering each definition in English and Russian. The terms were presented in a three-component taxonomy structure that included the Theatre, the Modes of Aggravation and the Art. The next step, according to Rauscher, is to use the report to launch a multilateral discussion on the most critical terms for the development of international cybersecurity policy, which lags far behind rapidly moving technology.

Today, an advance edition of the report will be presented in Garmisch-Partenkirchen, Germany at the Fifth International Forum “Cooperation between Government, Civil Society and Business in the Field of Information Security and Combating Terrorism.”

Next, a multilateral working group on key terms will meet at EWI’s Second Worldwide Cybersecurity Summit, to be held in London June 1-2. The summit will bring together over 400 business, government and technical experts from around the world to find new solutions for securing cyberspace.

“Skeptics on both sides said that securing definitional agreement between Russians and Americans was an impossible task,” says EWI President John Mroz. “Thanks to the efforts of this team, the table is set for the start of meaningful multilateral conversations that lay the groundwork for ‘rules of the road’ agreements.”

The United Kingdom government has announced that the GBP 650 million delegated to the National Cyber Security Programme will be used to prop up four pillars of the programme: national cybersecurity, cyberdefense of critical infrastructure, countering cybercrime, and improving education and skills. 65 per cent of the funds will be allocated to increasing capabilities. Meanwhile, in the United States, defence contractor Booz Allen Hamilton Inc. was granted a USD 71.5 million cybersecurity contract with the US Navy. This is the company’s second contract of the year with the Navy—the first was awarded in late January, also worth USD 71.5 million—and is contributing to the emergence of the cyber-military industrial complex.

In Russia—following cyber attacks on LiveJournal and opposition newspaper Novaya Gazeta (as we documented here two weeks ago)—authorities are expressing concern over the lack of Internet regulation in the country. As a result, a state tender released this week is calling for researchers to look at “foreign experience in regulating” the Internet. A spokesperson for Prime Minister Putin followed up by stating that state researchers would begin studying best practices in online regulation from countries such as China.

Meanwhile, Iran has announced that it will assert its sovereignty over cyberspace via the creation of a nationalized cyberspace—a “halal Internet”—to combat Western influence of the space and to potentially decouple from the open Internet. The head of economic affairs in Iran announced to the state run news agency, IRNA, that Iran “will soon create an internet that conforms to Islamic principles, to improve its communication and trade links with the world.” This new network may eventually replace the open Internet. It has been reported that authorities have praised China’s Internet policy—an indication that the government, like its Russian counterpart, is lesson drawing from the country.

Increasingly, like-minded countries sharing similar concerns appear to be turning towards one another to seek out best practices, policy innovations, and solutions as pertaining to cyberspace (for instance, the Iranian and Chinese state have both expressed concern about Western hegemony over the space). The emergence of online controls as a “norm” has given rise to a contestation of norms in cyberspace. In what appears to be a promotion of normative change, the United States announced just this week that it is set to dedicate USD 28 million in new grants (to go towards projects such as circumvention/anonymity tools) to online activists—particularly in countries with major cyber controls.

In the past, US promotion of “net freedom” has been met with suspicion. Following Hillary Clinton’s 2010 “Internet freedom” speech, Chinese authorities accused the United States of information imperialism. In this case, a Chinese op-ed stated: “countries disadvantaged by the unequal and undemocratic information flow have to protect their national interest, and take steps toward this. This is essential for their political stability as well as normal conduct of economic and social life. These facts about the difficulties of developing nations, though understood by politicians like Clinton, are not communicated to the people of Western countries. Instead, those politicians publicize and pursue their claims purely from a Western standpoint.”

Like the idea of humanitarian intervention, Internet freedom promotion may be seen as a disguised form of aggressive Western imperialism by some. As Ma Zhaoxu of the Chinese Foreign Ministry stated after Clinton’s speech, “We urge the US to respect facts and stop attacking China under the excuse of the so-called freedom of Internet.” We can expect to see continued contestation over such meanings.

(Reuters) – Russia is looking to the experience of other countries, including China, to “regulate” Internet use, though Moscow has no plans to broaden web censorship, a government spokesman said on Saturday.

Weeks after hacker attacks temporarily closed down the country’s most popular blog site, a state tender calling for research into “foreign experience in regulating” the Internet has revived fears that authorities plan to clamp down on Internet freedoms ahead of 2012 presidential elections.

Dmitry Peskov, a spokesman for Prime Minister Vladimir Putin, said the tender was in no way an indication that Moscow wanted insight into Internet censorship.

“It is enough to look at those resources that exist in the Russian Internet to see that there is no censorship there,” he said. Peskov said researchers would study best practices in Internet regulation of other countries, including China.

In a country where much media is state-run, the Internet is one of the last bastions of free speech. Russian bloggers freely criticize authorities, often scathingly, question high-level corruption and swap information.

After Russia’s main security service said earlier this month that uncontrolled use of Skype and Gmail was a “security threat,” Internet users feared that “regulation” may lead to tightening of freedoms on the Web.

“They’re trying in their own way, of course boneheadedly, to tighten the screws,” an Internet user under the name alekc75 wrote about the government tender on a popular blog.

Security analysts say cyber attacks this month on blogging site Live Journal could be a test drive for closing down web sites, in particular social networking sites, in case of demonstrations ahead of next year’s presidential elections.

The Internet has played a crucial role in the unrest that has rocked Northern Africa and the Middle East, prompting some governments to shut it down.

In an interview with the Wall Street Journal in February, Deputy Prime Minister Igor Sechin said Google was responsible for uprisings that helped unseat Egyptian leader Hosni Mubarak.

Ilya Ponomaryov, a member of Parliament and the Duma information committee, said Russia was in a very early stage in developing Internet regulation.

“Our Internet regulation is currently the most liberal in the world because we have none,” Ponomaryov told Reuters. He said parliament was now working on amending a series of laws to take into account the rapidly developing Internet.

The Live Journal site was brought down by a denial of service attack — a tried and tested method of disrupting websites by flooding their servers with requests.

Chechen separatists and the Georgian and Estonian governments have been high-profile victims of similar attacks in the past. Supporters of WikiLeaks also used this method to attack organisations that blocked support for WikiLeaks.

(Writing and additional reporting by Thomas Grove; Editing by Peter Graff)

This week, a DDoS attack was launched on Livejournal— which, with 4.7 million Russian users, has become a powerful forum for political discussion in Russia (Maria Garnaeva of Kaspersky Lab has a great analysis and report of the attack). The attacks began on March 24, from the Optima botnet on prominent Livejournal user Alexei Navalny (who discusses government corruption in his blog as well as a number of other URLs until April 1. By April 4, however, the botnet was launched on many popular Livejournal blogs and effectively caused the Web site to be inaccessible in Russia. The attacks rendered the Web site inaccessible in Russia on March 30 and April 4.

Within this, the oppositional newspaper, Novaya Gazeta, was also similarly attacked. It was reported that the newspaper believes that the attack was carried out by those who attacked the Livejournal. The large scale DDoS attack was at one point sending 70,000 visit requests every 14 seconds.

This Global Voices post details the current discussion and speculations in Russian cyberspace over the attack. Many have been quick to suggest that the attack was a politically motivated state-sponsored attack whose primary target was Navalny. Another prominent user, Anton Nosik, suggested that the attack be linked to a recent article in the newspaper Argumety i Fakty, which suggested that Russian Livejournal users shift to another platform. Nosik understands the attack to be an orchestration by the Russian government to disband the Russian Livejournal community. The Novaya Gazeta has linked the attacks to this year’s parliamentary election and next year’s presidential election in Russia. The paper’s editor told the Associated Press that he believes the attacks were meant to “discredit the public platforms which express alternative points of views.” The opposition leader has publically stated that, “It’s quite possible that those people who have ordered the attack are planning the complete crash of Live Journal in the heat of the 2011-2012 election campaign,” he wrote on his blog Friday.” The PutinWatcher Web site also suggests that the attack was state-sponsored, pointing to the fact that “DDoS attacks have been the favored technique in blogging attacks linked to the Russian government in the past” as seen in the attacks on the Estonian government in 2007 and the Georgian government in 2008 which some have linked to the Russian state.

Recently, Alexander Andreyechkin of Russia’s Federal Security Service announced that the organization has proposed placing a ban on foreign services such as Skype, Hotmail and Gmail due to the security threats stemming from their “uncontrolled use”—meaning, that control of traffic through these services is done from foreign servers—as well as the concern that these services use foreign-made encryption technology. These comments were later revoked.

These recent attacks are occurring against a backdrop of intensified control over Russian cyberspace this year (see this OpenNet Initiative post for more details)—for instance, the launch of the League of Internet Safety, and the rise of the so-called “30 Ruble Army.” The Russian government has however, denied the allegations. In fact, Medvedev’s own Livejournal blog suffered from the attack. Attribution is often difficult to determine, however, what is of significance is that these recent attacks are consistent with the controls in Russian cyberspace as documented by Ronald Deibert and Rafal Rohozinski (see Deibert and Rohozinski’s Control and Subversion in Russian Cyberspace)—for instance, the deployment of next generation information controls (such as DDoS attacks) characterized by “just in time” blocking or event-based denial of selected content or services.

LiveJournal Russia, the country’s main platform for uncensored political discussion, recovered Tuesday from its biggest-ever hacker attack — which bloggers said could not have been staged without state resources.

The Cyrillic segment of the blogging service, which numbers 4 million Russian-language users, was first hit by a cyber attack last Wednesday.

Hackers used computers infected by malware, mostly in Asian and Eastern European countries, to flood the servers with requests, paralyzing them for seven hours. A second wave followed Monday, again rendering LiveJournal.com inaccessible in Russia.

Initial speculation suggested that the attacks had targeted individual bloggers, possibly Kremlin critics. Such incidents have taken place before. But LiveJournal management reported that the whole site had been targeted.

“The attack targeted dozens of top bloggers and communities” indiscriminately, said Ilya Dronov, development director with the site’s owner, SUP.

“The reason for attack is more than clear in this case — someone wants LiveJournal to disappear as a platform,” he said Tuesday in a post on his own LiveJournal blog, Igrick.

The hackers sought to leave the Russian blogosphere without a single stable platform to operate on, dispersing them to other social networks where “it’s easier to fight individual users,” Dronov wrote.

He stopped short of naming any names, predicting only that more attacks would follow. SUP will have to ship more powerful equipment to Russia to resist further attacks, Dronov said.

The company “doesn’t exclude a lawsuit option,” Svetlana Ivannikov, head of LiveJournal Russia, said late Monday in a statement. But she also identified no suspects.

Bloggers, however, minced no words, naming the Kremlin as the only power capable of staging such a large attack.

Anton Nosik, a prominent LiveJournal blogger and former director of SUP, wrote on Snob.ru that massive attacks require considerable administrative and “financial support.”

He admitted that it was hard to estimate the attack’s cost, but said the pro-Kremlin Nashi movement might be behind it because it was in the past accused — though not convicted — of hacking the blogs of opposition activists and of a cyber attack on the Estonian government’s site.

Alexei Navalny, a popular blogger and anti-corruption activist, said the attacks were a start for the Kremlin’s “counter-propaganda plan” ahead of the upcoming State Duma vote and presidential race.

The Kremlin has not commented on the accusations, while Nashi spokeswoman Kristina Potupchik said by telephone Tuesday that they were “some person’s groundless assumptions.”

MOSCOW — The Russian security service has proposed banning Skype, Hotmail and Gmail as their “uncontrolled use” could pose a security threat, a service official said during a government meeting on Friday.

The comments from the head of the service’s information and special communication centre Alexander Andreyechkin were disowned by the Kremlin but come amid mounting concern over state meddling in the Internet in Russia.

The Federal Security Service (FSB) is “increasingly concerned” by the mass use of these services, which use foreign-made encryption technology, Andreyechkin said, RIA Novosti agency reported.

“Uncontrolled usage of these services may lead to massive threat to Russia’s security,” he said at a meeting of the government’s communication and technology committee.

Control of Internet traffic through these services is done from servers outside Russia, and so they are often used by extremist organizations, Andreyechkin was reported as saying before the meeting continued without the press.

Deputy communications minister Ilya Massukh later said that recommendations on regulating the mass usage of encryption technology would be given to the government by October 1.

The FSB would like to ban these services in Russia because “security authorities cannot access them,” Massukh was reported as saying.

Russian agencies quoted a Kremlin source later Friday as saying that Andreyechkin’s statements were “his own opinion and don’t reflect the government’s policy regarding development of the Internet.”

“Andreyechkin overstepped his authority and made hasty remarks about these popular services,” the source said, RIA Novosti reported.

“State policy in the sphere of Internet technology is not set by security services.”

Communications Minister Igor Shchegolev affirmed later that there were “no plans to cut off Skype, Gmail, Hotmail or any other foreign services working in Russia,” the Interfax news agency reported.

Prime Minister Vladimir Putin’s spokesman Dmitry Peskov on the other hand defended Andreyechkin’s view, calling it “based on the (FSB) service’s duties” and “well-reasoned”, Interfax reported.

All points of view will be discussed before any further recommendations are made, Peskov added.

The FSB warning came the same week that the LiveJournal blogging site, hugely popular in Russia, fell victim to repeated cyber-attacks that bloggers blamed on the Russian security services and the authorities’ desire to disrupt internet communication ahead of parliamentary and presidential elections.

President Dmitry Medvedev, who prides himself on his use of Twitter and also maintains a LiveJournal weblog, called the attack “outrageous and illegal”.

A spokeswoman for LiveJournal Russia told AFP on Friday that the company was preparing to file an official complaint on the attacks so the interior ministry could launch a criminal investigation.

Oppositional newspaper Novaya Gazeta on Friday reported a similar attack on its website, which was down most of the day. The paper claimed in its blog that the attack was carried out by the same hackers who crashed LiveJournal.

The secretive FSB, which is a successor to the Soviet KGB, has denounced popular non-Russian Internet services in the past.

But this is the first time the FSB appears to propose restrictions on a national level, said security analyst Andrei Soldatov.

“This is definitely alarming,” he told AFP, saying the FSB’s goal may be not to close access to the public, but to improve its own access to encrypted information.

“The goal may be to bargain with these services to disclose at least partially their encryption technology,” he said.

Internet usage in Russia grew rapidly in the last decade, from less than two percent of residents in 2000 to 29 percent in 2009. Internet penetration now stands at 42.8 percent, according to the International Telecommunication Union.

Russian Prime Minister Vladimir Putin’s deputy blamed Google, the company behind the world’s number one Internet search engine, for stirring up trouble in the revolution that ousted Egyptian leader Hosni Mubarak.

“Look what they have done in Egypt, those highly-placed managers of Google, what manipulations of the energy of the people took place there,” Russian Deputy Prime Minister Igor Sechin told the Wall Street Journal in an interview published today (22 February).

The strength of the comments from one of Putin’s most trusted deputies is a clear signal of growing concern among Russian hardliners about the role played the Internet in the unrest which has swept across the Arab world, Reuters commented.

In fact, Sechin was asked by the WSJ’s Gregory White what he thought was needed for Russia to change in order to become more attractive to foreign investors.

He replied by saying that over the past 25 years everything had changed in Russia and that the country enjoyed one of the highest degrees of political stability in the world.

But White countered: “[Ousted Egyptian President Hosni] Mubarak probably said the same thing.”

This is not the first time that the ‘domino revolutions’ across the Arab world have been seen impacting upon Russia.

Speaking in the European Parliament recently, prominent Russian opposition leader Mikhail Kasyanov said that if his country’s citizens were denied the possibility of holding free and fair elections next December, the alternative would be “a revolution, not with camels like in Egypt, but with pistols and sticks”.

Mikhail Kasyanov, a former Russian prime minister (2000-2004) who is now leader of the Russian People’s Democratic Union (RNDS), a recently-established party, called on the EU to stay alert not only on election day but throughout political developments leading up to the elections.

Cyber warfare battles have already been fought in Estonia and Georgia.

For three weeks in the spring of 2007, Estonia, which has one of the highest levels of Internet penetration in Europe, was bombarded with a wave of sophisticated cyber attacks that targeted the country’s parliament, banks, newspaper and government ministries.

The denial of service attacks, from tens of thousands of computers in Russia and around the world effectively paralyzed Estonia.

Estonian officials, who for weeks had been embroiled in a bitter diplomatic dispute with Russia over the removal of a Soviet-era monument, were quick to blame the Kremlin for the attacks.

The Russians denied the charge.

But months later, an aide to one of the leaders of the then-president Vladimir Putin’s pro-Kremlin United Russia party claimed responsibility for the cyber attacks, saying they were an “act of civil disobedience” by the pro-Kremlin youth group Nashi.

Estonian experts discount that claim, saying the attacks were too sophisticated to be the work of a single group of mischievous hackers.

A year later, when Russia and Georgia had a brief border war, the Russian ground invasion was preceded by a denial of service attack on the Georgian government’s websites.

“Everyone assumed this was coming from Russian websites, but research we have done showed you can’t really tell,” said Ron Deibert, a telecommunications expert who runs the Citizen Lab research facility at University of Toronto’s Munk School of Global Affairs. “More importantly though, we found that the tools that were used in the attack were associated with the criminal underground. They had been used to attack banking sites, pornographic websites and engaging in extortion, long before the Georgian attacks. So they were either operating on their own in a patriotic manner or they were contracted out by the government.”

There is widespread suspicion Russia was renting the services of cyber criminals in much the same way great powers gave letters of marque to privateers in the 17th and 18th centuries and authorized them to attack foreign shipping.

“It is more effective for them to cultivate a criminal underground in order to shield their own identities,” Prof. Deibert said.

That sort of flexible anonymity worries U.S. policy makers.

“Cyber attacks offer a means for potential adversaries to overcome overwhelming U.S. advantages in conventional military power and to do so in ways that are instantaneous and exceedingly hard to trace,” said William Lynn, the U.S. Deputy Secretary of Defence. “A dozen determined computer programmers can, if they find a vulnerability to exploit, threaten the United States global logistics network, steal its operational plans, blind its intelligence capabilities or hinder its ability to deliver weapons on target.”