Putin’s new Information Security Doctrine Russia’s cyberspace vulnerabilities in a nutshell
On December 6, 2016, President Vladimir Putin ratified Russia’s new Information Security Doctrine to replace a document that was in force since September 2000. This official document defines the main sources of threats against Russia in cyberspace and offers solutions to dealing with them. The document was part of Russia's national security strategy adopted in December 2015. Meduza briefly paraphrases the content of seventeen-page document.
The main threat against Russia comes from “individual states” that seek to exploit their technological superiority to dominate cyberspace. Their intelligence services, according to Putin, want to destabilize the situation in Russia. The media of these countries also discriminate against the Russian media organizations seeking to convey accurate information (as foreign journalists report on Russia in a biased way, according to the Russian president).
Another threat comes from terrorist and extremist organizations. They sow hatred and enmity and influence both the individual and social consciousness.
The doctrine very briefly mentions ordinary hackers, who, the president specified, steal the personal data of Russian citizens and money from bank accounts.
In order to combat the listed threat, Russian authorities intend to confront the “disturbance in the historical foundation and patriotic traditions of the defense of the fatherland.” Another direction of struggle is “neutralizing the impact of information aimed at eroding Russia’s traditional spiritual and moral values.”
Russia is behind in the development of information technology, Putin said. It is heavily dependent on foreign information technology, and most specifically foreign software, which, in turn, means that it depends on the “geopolitical interests of foreign countries.” Russia’s research in the field of information security is also inefficient and its citizens know little about protecting their information online. Russian cannot yet participate in the management of global cyberspace.