As you remember, in early May 2019, the President signed the law “On the sovereign Internet”, which will come into force on November 1. The law is nominally designed to ensure the stable operation of the Russian segment of the Internet when disconnected from the worldwide network or coordinated attacks. What's next?
At the end of May, the Ministry of Telecom and Mass Communications prepared a draft government decree “On Approval of the Procedure for Centralized Management of the Public Communications Network”. You can read the full text of the draft and the course of its discussion at .
This resolution defines the “Procedure for centralized management of the public communication network”. That is, under what conditions will the domestic segment of the Internet be made “sovereign”. And also who and on what basis will do it (well, or under what pretext, to each his own).
In general, the project includes:
- types of threats to the stability, security and integrity of the network;
- regulations for identifying threats, measures to eliminate them;
- requirements for organizational and technical interaction within the framework of centralized network management;
- methods for determining by Roskomnadzor the technical feasibility of executing instructions within the framework of centralized network management;
- conditions and cases under which the telecom operator has the right not to direct traffic through technical means of countering threats.
When the Internet is especially dangerous
As for the last item on the list, the project identifies three types of threats:
- network integrity threats - threats of violation of the ability of communication networks to interact, in which it becomes impossible to establish a connection and (or) transfer information between users of communication services.
- network stability threats — threats under which the ability of the network to maintain its integrity in standard operating modes is violated, in case of failure of part of the elements of the communication network and return to its original state (reliability of the communication network), as well as in case of external destabilizing effects of natural and man-made nature (survivability of the communication network).
- network security threats — threats of violation of the ability of the telecom operator to resist attempts of unauthorized access to the hardware and software of the network and deliberate attacks, the result of which may be a disruption in the functioning of the communication network.
The Ministry of Telecom and Mass Communications, in agreement with the FSB, determines the list of current threats. The probability of the threat realization can be assigned levels: low, medium, high. Threat severity level can be set: low, medium, high.
The likelihood of implementation and the level of danger are determined by Rosokomnadzor, based on network monitoring data. The list of current threats should be published on their official website.
But the most important thing:
"Centralized management of the public communication network is carried out in case of a threat, the probability of which is high and (or) the level of danger is determined to be high."
Pot, don't boil
In addition to the "Order of Centralized Management ...", another bill was introduced. "On approval of the regulation on conducting exercises to ensure the stable, safe and integral functioning of the information and telecommunication network "Internet" and the public communication network on the territory of the Russian Federation" ().
This project "determines the procedure for conducting exercises to improve information security, integrity and stability of the functioning of the Internet information and telecommunications network and the public communications network on the territory of the Russian Federation ...". The definition of teachings in this project is given as follows:
“The exercises are a set of organizational, technical and tactical measures aimed at the implementation of training tasks by the participants in the exercises in a specific situation, the emergence of threats to the integrity, stability and security of the operation of the Internet and the public communication network on the territory of the Russian Federation.”
The exercises are held at the federal and regional levels. The participants of these exercises, according to the decree, are:
“communication operators, owners or other owners of technological communication networks, owners or other owners of traffic exchange points, owners or other owners of communication lines crossing the State Border of the Russian Federation, other persons, if such persons have an autonomous system number, as well as the Ministry of Digital Development, Telecommunications and Mass Communications of the Russian Federation, Federal Security Service of the Russian Federation, Ministry of Defense of the Russian Federation, Federal Security Service of the Russian Federation, Ministry of the Russian Federation for Civil Defense, Emergencies and Disaster Relief, Federal Service for Supervision in the Sphere of Communications and Information Technologies and Mass Communications, Federal Communications Agency. Other state authorities and local governments may be involved in the exercises by decision of the Ministry of Digital Development, Communications and Mass Media of the Russian Federation.
The stated objectives of the exercise are:
- ensuring the security, integrity and stability of the functioning of the Internet and the public communications network on the territory of the Russian Federation;
- ensuring the security, integrity and stability of the functioning of the Internet of the Russian Federation (yes, it has already been determined what the “Internet” of the Russian Federation is);
- restoration of communication networks during natural and man-made emergencies.
The main tasks of the exercises are as follows:
- determination and practical implementation of measures to identify threats to information security, integrity and stability of the functioning of the information and telecommunications network "Internet" and the public communications network on the territory of the Russian Federation, as well as the refinement of threat models;
- updating the norms aimed at ensuring the stability of the functioning of the information and telecommunications network "Internet" and the public communication network on the territory of the Russian Federation;
- training in the application of techniques to ensure the stability of the functioning of the information and telecommunication network "Internet" and the public communication network on the territory of the Russian Federation;
- research and improvement of techniques and methods for ensuring the security of the information and telecommunication network "Internet" and the public communication network on the territory of the Russian Federation.
On the basis of the plan, the order of the Ministry of Telecom and Mass Communications of Russia determines the head of the exercise and officials in the leadership of the exercise, the intermediary apparatus, control and research (if necessary) groups, as well as organizations in the field of communications participating in the exercise.
Organizations participating in exercises may include telecom operators, including owners of traffic exchange points, owners of communication lines and technological communication networks, persons with autonomous system numbers.
Within a month after the end of the exercise, the Center for Monitoring and Control of the Public Communications Network, in cooperation with federal executive authorities and organizations in the field of communications, carries out a comprehensive analysis, comparison, verification and generalization of materials on the exercise, and develops a conclusion based on the results.
The conclusion is approved by the Ministry of Telecom and Mass Communications in agreement with the Ministry of Defense of the Russian Federation, the Federal Security Service and the Federal Security Service, and contains recommendations for improving information security, the integrity and stability of the functioning of the Internet and the public communication network on the territory of the Russian Federation and an action plan for their implementation.
Conclusions
And they won't. Too many speculations about this. It is likely that, in addition to all the IT companies, for normal operation, they will have to receive regular FSB, FSTEC or other very important organizations. Or maybe there will be tests for the ability to work in conditions of disconnection from the worldwide network. Who knows what the coming day has in store for us?
Source: habr.com