Russian President Vladimir Putin — a leader whose intelligence services are accused of hacking into U.S. political organizations and spreading fake news online — signed into law Tuesday a new information security doctrine that seeks to help his government counter foreign cyberattacks and misinformation campaigns aimed at the Russian population.
The broad policy framework, which replaces a document introduced to the government more than 15 years ago, notes that the Kremlin’s dependence on foreign technology, like software, erodes the state’s ability to secure systems. Last month, Russian antitrust authorities opened an investigation into Microsoft’s business practices, claiming that the Redmond, Washington-based tech giant is unfairly forcing Russian antivirus software providers out of the market.
“The legal basis of this Doctrine is the Constitution of the Russian Federation, generally recognized principles and norms of international law, international treaties of the Russian Federation, Federal constitutional laws, Federal laws and regulatory legal acts of the President of the Russian Federation and the Government of the Russian Federation,” the document states.
Russian-state media have called attention to a note in the doctrine that warns of a rise in targeted cyberattacks and espionage against Russian organizations, including military services, scientific research centers and other government agencies.
“Strategic restraint and prevention of military conflicts,” in addition to the development of next generation security systems, will be key to curbing cyber intrusions into Russian properties, the doctrine outlines.
The framework comes at a time when the Russian government is working to institute a new law that would require domestic internet service providers to store all web traffic, including private chat rooms and emails, for as long as six months. A petition against the law posted on an online government platform known as the Russian Public Initiative collected more than 100,000 signatures.
According to the doctrine, one of Putin’s goals in improving Russia’s cybersecurity writ large involves neutralizing “the impact of information aimed at the erosion of traditional Russian spiritual and moral values.” The mention appears to be a hit tip to what is being described in the West as “ online misinformation campaigns” in the West.
In recent weeks, journalists and security researches have published work alleging that fake news stories shared across that U.S. — seeming to favor now President-elect Donald Trump — were the work of a foreign intelligence operation backed by Russian forces. The accuracy of this evidence remains unclear. Some say the information presented is inconclusive as it misses the gap on exact attribution.
The 17 U.S. intelligence agencies formally accused Russia in early October of hacking into the Democratic National Committee. The hack ultimately resulted in leaked emails spreading across the internet, showing some of the organization’s leaders favoring Hillary Clinton as the party’s eventual presidential candidate rather than Sen. Bernie Sanders, I-Vt.
NSA Director Mike Rogers has said he believes that another incident with Russian fingerprint — the targeted hacking of an email account owned by top Clinton aide John Podesta — is the work of a nation-state.
“There shouldn’t be any doubts in anybody’s mind: This was not something that was done casually, this was not something that was done by chance, this was not a target that was selected purely arbitrarily,” Rogers said. “This was a conscious effort by a nation state to attempt to achieve a specific effect.”