Map of Sanctions Risks of the Runet and Ways to Anticipate Them

In connection with the rapid growth in the scale of blocking and sanctions (the full catalog is maintained by @denis-19 at the link), it becomes necessary to compile a list of the most critical threats to the Runet infrastructure and ways to prevent them.

This article is intended as a checklist for IT organizations, government agencies and ordinary users to avoid information blockade.

There is little time, so the article is without KDPV, introduction and conclusion.

Readers’ additions and comments are welcome.

rules

  • If you are an advanced user or owner of the portal, carefully study the risks described below and take proactive measures (if they apply to you),

  • If you understand the steps described below, please convey them in simple language to ordinary non-IT users (I did it myself, help others),

  • If something is missing, write in the comments or in private messages in accordance with the format below (risk name, consequences, proactive method),

  • If you find an error or inconsistency, write in private messages.

Risk 1 – TLS certificate revocation

Possible consequences

Inaccessibility of key sites (public services, banks, media)

Ways of preemption

For site owners:

1. Request a Russian TLS certificate, for example, on the public services website https://gosuslugi.ru/tls (only available through a corporate account)

2. Be ready to promptly replace it in case of revocation of a foreign certificate

3. Organize a backup http redirect with instructions for users (see next section)

For ordinary users:

Download browser Yandex or Atom with built-in public services root certificate

For advanced users:

1. Download the state root certificate. services https://gosuslugi.ru/tls

2. Add it to the browser (instruction for Chrome, Firefox) and mobile devices Android, iOS, etc.

Risk 2 – Suspension of DNS Registrar Services

Possible consequences

Inaccessibility of key sites (public services, banks, media)

The danger of domain interception by intruders

Ways of preemption

For site owners:

Arrange transfer to domestic domain registrars (search for “buy a domain” in the search bar)

Risk 3 – Suspension of cloud providers

(AWS, DigitalOcean, Google Cloud, etc.)

A comment

In spite of assurances some vendors (e.g. AWS) to continue providing services (except for registration of new users), there is a high probability of technical unavailability of services

Ways of preemption

For site owners:

Organize a move to domestic cloud sites (look for “cloud server” or “VPS rental” in the search bar)

Risk 4 – Blocking access to foreign cloud services

(Gmail, Dropbox cloud, iCloud, etc.)

A comment

Despite any assurances and promises, be sure to make a local copy of all important files and documents that are stored on remote (cloud) services

Ways of preemption

Link to download all data from Google – https://takeout.google.com/

Risk 5 – Blocking devices connected to the Internet

(computers, tablets, smartphones)

A comment

It is technically possible to block any devices updated over the Internet by downloading restrictive bookmarks

Ways of preemption

1. Pause automatic updates of Windows, Android, iOS

2. Do not download new updates if possible opt out

To be continued…

Similar Posts

Leave a Reply