Feb 12, 2019

Axios Codebook

Welcome to Codebook, the cybersecurity newsletter with a girlfriend in Canada.

Story ideas? Tips? Just hit reply to this here email.

1 big thing: Russian internet prepares to go solo

Russia is planning to sever itself temporarily from the global internet, ostensibly so the country can prepare for a digital attack that would leave it cut off.

Why it matters: That's Russia's stated intent, but experts believe the goal is actually to wrest more control over the country's domestic internet.

The big picture: The Duma is currently considering a law submitted in December that would ensure Russia's national internet could still function in case Russia was intentionally cut off from the global internet. The trial separation would help fine-tune what steps Russia might need to take for that law to succeed.

The test will take place before an April 1 deadline to submit amendments, according to the Russian outlet RBC, which first reported the story, and ZDNet, which first reported it in English.

Yes, but: Though the government of Russia has publicly expressed concern that other nations may cut it off from the internet, experts are skeptical.

  • "As a technical matter, I have a hard time imagining how a group of nations could isolate Russia completely," said Michael Daniel, former White House cybersecurity coordinator and current president and CEO of the Cyber Threat Alliance. "The distributed nature of the internet makes that prospect really challenging."
  • While the U.S. has threatened stronger actions to deal with hostile foreign cyber powers, removing a country from the internet goes a step beyond any known plans.

Between the lines: "Really, this move would be about Russia wanting to have the same capabilities that China does — in essence, to be able to control the flow of information into and out of the country," said Daniel.

Russia has long wanted more internal control over the physical routing of the internet. The internet operates on domain name system (DNS) servers, which operate like a kind of phone book, "resolving" the verbal web addresses (like "axios.com") users send from browsers into numerical internet addresses that the network understands.

  • By 2020, Russia has announced it wants to resolve as much as 95% of its DNS requests on servers within the country. Doing so would give Russia the opportunity to prevent users from accessing content the government wished to censor.
  • Preparing Russia's network to function while isolated from the global internet would help create the infrastructure the country would need to prevent citizens from circumventing national control.
  • There's a good chance Russia's internet test could cause a little chaos, noted Tim April, principal architect of Akamai, because much of the internet's functionality comes from globally coordinated systems — everything from web analytics platforms to synchronized timing to spam blocking lists.

China uses its tight-fisted control of its domestic internet, the so-called "Great Firewall," to keep granular control over ideas its citizens are allowed to communicate.

  • It famously bans everything from the history of Tiananmen Square to Winnie the Pooh memes.

The bottom line: Russia may be freer than China, but it is still restrictive about dissent. Its internet isolation test run could be a first step toward an "Iron Firewall."

2. Judge keeps Facebook Messenger case under seal

U.S. District Judge Lawrence O’Neill ruled Monday to keep documents describing digital wiretaps in an MS-13 case secret from the public.

Background: The case from last year centered around state and federal surveillance of the gang and came to light when Facebook won a secretive ruling that it would not have to aid the police by wiretapping its Messenger service.

  • At the time, Reuters reported a judge had ruled that Facebook Messenger operated using internet infrastructure, meaning no law required it to help the police. Products operating over telephone infrastructure do have to help the police secure wiretaps.

Two civil rights groups sued to see documents in the case, arguing that the documents would provide insight into the current state of internet communications law.

  • O'Neill ruled that the documents revealed too much about investigation sources and methods and could not be reasonably redacted.

3. Swiss pay to find holes in e-voting system

Switzerland is offering rewards to any hacker who can demonstrate security flaws in either the front or back end of new online voting systems.

Rewards for undetectably changing votes can be as high as 50,000 francs (a little under $50,000).

The Swiss system uses voting cards sent by mail to authenticate voters, a process that itself may introduce security issues not covered by the intrusion testing.


An article in Codebook last week incorrectly reported a quotation by Tim Chen of DomainTools about the EU's stance toward investigators. It should have read "the EU took the position, 'Our job is to make the law, your job is to interpret it.'"

4. Odds and ends

We'll be back Thursday.