Russia’s digital authority pushes DPI tools and IP geolocation to surveil Internet traffic
Russia’s Ministry of Digital Development has presented a policy paper on the country’s communications sector and a strategy for its development in 2024–2035, Forbes Russia reports.
The proposal was commissioned by Vladimir Putin and is now being discussed by members of the working group on information security. Its final version is due by June 2023.
At the center of the proposal is the creation of a nationwide cybersecurity system for countering DDoS attacks in Russia. The new system would be based on deep packet inspection (DPI) tools already used by Russian network operators, as required by the Russian “Internet Sovereignty” law since 2019. DPI technology is currently used to filter traffic and to block Web-based resources when ordered by the state censor Roskomnadzor.
The proposal also argues for systemic use of IP geolocation in countering DDoS attacks. At the same time, independent experts believe that using DPI and IP geolocation on such a scale might signal that Russian sites could ultimately be closed to foreign users, unless they’re willing to arm themselves with a Russian VPN.
Localizing all the Internet traffic in Russia might be particularly desirable to the Russian government while at war with Ukraine.
In 2022, the number of DDoS attacks on Russian IT systems has increased by 60–70 percent, compared to 2021. The greatest number of those attacks targeted the media and the finance sector, including payment systems and banking apps. Russian government and court websites have also been attacked.