Russia's new cyber laws will fuel online crime, claims report

clock • 2 min read

Russia's Sovereign Internet law looks to re-model the country's self-contained internet system on China's

Russia's new cyber laws will fuel additional online crime across the world by threat groups - both state-linked and criminal - operating out of Russia.

That's according to the latest report by cyber intelligence firm IntSights, which analyses the implications of Russia's upcoming internet laws, particularly its 'Sovereign Internet' law, on consumers, businesses, and cyber crime.

The report, entitled "The Dark Side of Russia: How New Internet Laws & Nationalism Fuel Russian Cybercrime", claims that Russia's new internet laws, which will come into effect on 1st November, will make it difficult for companies operating in Russia to protect both their communications and the privacy of their customers.

In April, Russia's State Duma approved the controversial Sovereign Internet bill, which empowers the government to create a Chinese-style standalone internet infrastructure. This could be used to cut the country off from the global internet, while continuing to function internally. 

The government will still likely turn a blind eye to threat actors that target foreign entities

Developing such a network will cost around $470 million, according to government estimates, at a time with one-in-ten city dwellers don't even have indoor sanitation

To enable the Sovereign Internet bill to deliver on its promises, ISPs in the country will be forced to direct all internet traffic through internet exchanges located in Russia, whith will be continuously monitored.

The new law will also affect cyber criminals working in Russia. The underground cyber crime landscape in Russia enjoys the tacit protection of the authorities, who in many cases turn a blind eye to hackers as long as they don't target individuals or organisations in Russia and the CIS. 

After the Sovereign Internet law comes into effect, hackers operating within Russia will need to ensure that the services they use to cover their tracks, such as virtual private networks, are either Russian or conform to strict sovereign internet requirements.

"The sovereign internet will make it much easier for Russian law enforcement to crack down on hackers that target Russian entities," explains Andrey Yakovlev in the IntSights' report.

"But the government will still likely turn a blind eye to threat actors that target foreign entities - particularly those operating in enemy states, like the United States."

The policy will make it even easier for the authorities in Russia to apprehend groups that carry out attacks within Russian and the CIS, encouraging more activity against people and organisations outside Russia.  

Just earlier this week, Microsoft warned that it a hacking group linked to the Russian state was targeting Internet-of-things devices in a bid to breach secure corporate networks.

Last month, cyber security researchers said they had discovered a new "highly targeted" form of mobile malware, dubbed 'Monokle', with links to Russian cyber criminals

And a report out this week that focused on China's APT41 indicated that hackers employed by the Chinese state for the purpose of online espionage also have a penchant for conducting cyber crime for their own benefit at night

You may also like
Gang leaks NHS patient data on the dark web - updated

Threats and Risks

400GB of names, NHS numbers and blood test details spilled by Qilin

clock 21 June 2024 • 2 min read
Russian hackers behind London hospitals cyberattack

Hacking

The attack has forced hospitals to postpone or relocate elective surgeries

clock 06 June 2024 • 2 min read
Russian criminals use Lunar malware to breach European government agency

Threats and Risks

Attackers thought to be part of Russia's FSB

clock 17 May 2024 • 2 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Threats and Risks

Surge in global ransomware attacks as LockBit returns

Surge in global ransomware attacks as LockBit returns

LockBit 3.0 resurfaces as leading threat actor

Vikki Davies
clock 21 June 2024 • 2 min read
Gang leaks NHS patient data on the dark web - updated

Gang leaks NHS patient data on the dark web - updated

400GB of names, NHS numbers and blood test details spilled by Qilin

John Leonard
clock 21 June 2024 • 2 min read
Biden administration bans Kaspersky software over security concerns

Biden administration bans Kaspersky software over security concerns

Commerce secretary Gina Raimondo highlighted threats to critical infrastructure, while Kaspersky plans legal action.

Vikki Davies
clock 21 June 2024 • 3 min read