Image
stories

A sovereign guardian How a highly connected military figure became Russia’s point man for disconnecting the Internet

Source: Meduza
Фото: Standret / Shutterstock.com.

Мы рассказываем честно не только про войну. Скачайте приложение.

In November 2019, Russia’s so-called “Internet sovereignty law” took effect, requiring all local telecom operators to install special equipment designed to “withstand foreign threats” and block anything added by Roskomnadzor (the federal censor) to the government’s registry of banned online content. The new regulations are still unenforceable in practice, but officials are already testing the needed hardware on real Internet users in the Urals. Under this law, Roskomnadzor also created a monitoring center to manage the new network infrastructure. This office will collect analytics about network operations and oversee the blocking of banned websites, taking central control of the Russian Internet in the event of threats to its security. Meduza correspondent Maria Kolomychenko learned that a Federal Protective Service veteran and the descendant of one of Russia’s most celebrated families of missile engineers — a man named Sergey Khutortsev — has been appointed to serve as the director of the powerful new monitoring center.

Echoes of Crimea

In July 2014, as political tensions intensified because of the annexation of Crimea and war in eastern Ukraine, Russia’s National Security Council, together with the Communications Ministry and Federal Security Service, conducted the first “digital exercises” on telecom operators. These drills would later become almost annual. 

The purpose of these exercises in 2014 and 2015 remains unclear, and participants in the drills interpret the program differently. Some say the authorities wanted to test the RuNet’s stability in a situation where Russia’s Internet connectivity is severed from abroad due to “unfriendly actions” by Western countries. Others insist that the experiments were intended to see if Russia itself is capable of disconnecting from the “foreign Internet” independently. (Andrey Semerikov, then the CEO of “ER-Telecom,” one of Russia’s biggest regional communications companies, said as much in October 2015.)

As communications minister, Nikolai Nikiforov argued that the exercises were designed to “analyze the risks and threats of external shocks on the Russian Internet’s infrastructure.” “It’s important for us to ensure that [the RuNet’s infrastructure] continues operating, regardless of political decisions by certain countries,” Nikiforov said four years ago.

In November 2016, following another round of drills, Russia’s Communications Ministry published the first draft of legislation ostensibly intended “to ensure the integrity, continuity, stability, resilience, and security of the functioning of the Internet’s Russian national segment.” Unofficially, the initiative became known as the law on RuNet “autonomy” or “sovereignty.”

In subsequent years, lawmakers repeatedly reworked and updated the draft legislation. In these revisions, the law acquired several radical new provisions. For example, the new legislation required telecom operators to share all network-operation data with a special state system, so network traffic could be routed in accordance with government instructions. Additionally, the Communications Ministry suggested banning foreign investors from owning more than 20 percent of any Internet traffic exchange points in Russia.

The initiative provoked sustained criticism not just from IT experts, but also from other federal agencies, including Russia’s finance and economic development ministries. As a result, the legislation wasn’t submitted to the federal government’s cabinet or the State Duma. The Federation Council, however, continued to insist that new radical measures were necessary. In November 2017, the Communications Ministry was again instructed to present the government with “proposals to create and implement a state information system to ensure the integrity, stability, and security of the functioning of the Internet’s Russian segment, and replace the root servers of top-level domain names,” according to official minutes from a National Security Council meeting, signed by Secretary Nikolai Patrushev and approved by President Putin (Meduza obtained a copy of the report). 

“Western countries’ growing capacity to conduct offensive operations in the information space and readiness to use these means presents a serious threat to the security of the Russian Federation,” concluded the National Security Council. Nevertheless, the requested legislation wasn’t ready by the deadline set on April 1, 2018.

A former employee at Russia’s Communications Ministry told Meduza that Deputy Minister Alexey Sokolov spent several years overseeing work on the draft law, characterizing him as “the voice of Patrushev’s will.” Before coming to the ministry, Sokolov served in the FSB and then worked as one of Patrushev’s advisers. “The Security Council just got tired of waiting. They realized that Sokolov would never reach an agreement with the other agencies, so they went another route, hurling their wishlist into the State Duma through senators,” says another source who worked in the Communications Ministry at the time.

As a result of these efforts, senators Andrey Klishas and Lyudmila Bokova, along with deputy Andrey Lugovoi, introduced a significantly modified version of the legislation to the State Duma in December 2018. The following April, the parliament adopted the law, and President Putin signed it in May.

What’s a sovereign RuNet?

The law charges Roskomnadzor with ensuring the RuNet’s stable operation and defense from external threats, but a separate agency created this summer — the Center for Monitoring and Management of Public Communication Networks (TsMU), formed inside Roskomnadzor’s General Radio Frequency Center (GRChTs) — is actually responsible for performing the necessary organizational and technical measures. 

Telecom operators, enterprises that own their own networks, and the proprietors of Internet traffic exchange points will have to provide the new monitoring center with all relevant information about their network infrastructure (for example, the locations of cross-border communications lines, traffic routing, IP address polls in use, and more).

Additionally, all telecom operators and enterprises that own their own networks will be required to install special equipment (“technical means against threats”) that will be provided at TsMU’s expense. This new hardware will be capable of blocking banned Internet content and rerouting network traffic. It’s uncertain if this equipment is supposed to do anything else, just as it remains unclear how the devices will defend the RuNet against threats. Regulators still haven’t drafted the bylaws explaining these operations.

The website RBC previously reported that special equipment manufactured by the company “RDP.Ru” is already being tested on communications networks in the Urals. Another company called “Data Processing and Automatic Center,” founded specifically for this project and headed by former Deputy Communications Minister Rashid Usmailov, is responsible for installing the hardware. 

The law also provides for the creation of Russia’s own national domain name system, which “will make it possible to ensure the operability of Russian Internet resources” in the event that foreign DNS root servers become unavailable. TsMU is charged with this job, too.

In the event of a security threat to the RuNet’s functioning, the center will assume control of all the communications networks in the country, issuing commands to the special equipment they provided and installed on these networks. In these situations, TsMU will reroute RuNet traffic so it doesn’t pass through foreign communication hubs. Once a year, the Russian authorities will stage special practice drills to build “practical skills” to ensure the RuNet’s stability in an emergency. 

The federal government has allocated 30.8 billion rubles ($483.3 million) to implement provisions of the “Internet sovereignty” law as part of Russia’s “Digital Economy” national program. In the first half of 2019, GRChTs approved 18.3 billion rubles ($287.1 million) in subsidies to fulfill pieces of this implementation.

Image
A protest in Moscow against RuNet isolation on March 10, 2019
Shamil Zhumatov / Reuters / Scanpix / LETA

A special adviser

“I’ll try to answer the question that’s on everyone’s lips: Why are we talking about the Internet and the Federal Protective Service?” said FSO representative Vitaly Pugachev at a closed session of the State Duma’s Committee on Information Policy, convened to discuss the RuNet sovereignty law (Meduza obtained an audio recording of his remarks, and two participants confirmed its authenticity).

“In accordance with the presidential decree [...], state agencies interact with the Internet through the Russian state — now, pay attention here — segment of the Internet, the so-called RSNet [Russian State Network]. According to this executive order, the FSO is responsible for operating, developing, and maintaining this network, which is why I’m present now at your meeting,” Pugachev explained.

Pugachev also said the FSO “generally supports” the RuNet sovereignty law. “Perhaps some aspects need certain technical clarification. It’s a known fact that, when something is invented, the rules are later gradually invented. The first automobiles on the roads… Boys with red flags used to run alongside them, to alert people. Then we got traffic lights, and now we have cameras. People were scared at first, and everything seemed too complicated, but there need to be rules,” said Pugachev.

During the committee meeting, Pugachev never revealed his position within the FSO, but previously published documents state that he manages a branch of the agency’s Special Communications and Information Service (Spetssvyaz), which administers the RSNet network.

The same committee meeting heard from Sergey Khutortsev, an adviser to the president of the state-controlled telecoms group Rostelecom. “All objects of critical information infrastructure, all state information systems, and all departmental networks depend on the Internet, one way or another,” said Khutortsev, before adding, “That’s why Rostelecom fully supports this legislation.” (Meduza has a copy of his speech, too.)

Khutortsev also noted that network operators in Russia already use equipment similar to the hardware they’d need to install under the RuNet sovereignty law. “We need to understand that all network operators and other communications participants work with similar equipment, one way or another: they have their own DPI [deep packet inspection] systems and their own defense systems against DDoS [denial-of-service] attacks that work according to similar principles,” he explained.

Khutortsev also said bylaws would need to develop “clear regulations that would determine how Roskomnadzor installs, replaces, and expands the equipment’s functionality, and how it impacts traffic.” “Maybe network operators will also have some kind of control over this equipment,” suggested the Rostelecom adviser. 

Before joining Rostelecom, Sergey Khutortsev worked with Vitaly Pugachev at the FSO’s Spetssvyaz, where he spent several years developing RSNet, Meduza learned from sources with ties to Roskomnadzor and Russia’s telecoms industry. Also, a man with Khutortsev’s full name is listed as the accountable officer for one of Spetssvyaz’s public procurement contracts in 2011 for work on developing RSNet. 

“I don’t know if he resigned from the FSO, or if he was posted at Rostelecom as existing staff. Given that Rostelecom provides communications services to state agencies, he could very well have been planted in the company as an active FSO officer,” says a source participating in the “sovereign RuNet” pilot program in the Urals. Rostelecom is the sole provider of communications services to federal agencies and medical institutions in Russia, and it operates the state’s only cloud platform and other government services. Two other sources told Meduza that they don’t know if Sergey Khutortsev resigned from the FSO upon transferring to Rostelecom.

The Federal Protective Service did not respond to messages from Meduza. Spokespeople for Rostelecom declined to say if Khutortsev served in the FSO while working for the company.

The Russian State Network (RSNet) is a secure segment of the Internet for state agencies. Its main purpose is increasing the security of government electronic resources and preventing the leak of documents and official correspondence between officials. Work on RSNet started in 1998, and the FSO’s Spetssvyaz has served as its network operator since 2003. The project’s original domains included gov.ru, kremlin.ru, and government.ru, as well as mail servers on these domains for state employees.

In 2009, the FSO announced plans to develop RSNet further, establishing new communication nodes and translating government-agency websites into English. In 2015, Vladimir Putin signed an executive order requiring state structures to connect all information networks and systems to RSNet to ensure their security. Today, RSNet’s servers store materials related to government-agency activities, the network operates its own file-exchange exclusively between RSNet users, it now features remote access for certain categories of state employees, and more. Under Russia’s “Digital Economy” program, more than 1.4 billion rubles ($22 million) will be allocated in the coming years to develop RSNet further. 

A decorated CV

Meduza learned from three sources that Sergey Khutortsev left Rostelecom several months ago and took a job at Roskomnadzor’s General Radio Frequency Center (GRChTs) as the head of the Center for Monitoring and Management of Public Communication Networks (TsMU).

“His candidacy was long ago approved ‘upstairs’ and he assumed responsibilities as head of TsMU, a few months ago. At least since this summer, he’s been present as TsMU head at all of the Roskomnadzor internal meetings dedicated to the ‘pilot’ program in the Urals and the development of the TsMU system, which will be a hub for all data about operators’ network infrastructures,” says a source who participated in the “Sovereign RuNet” pilot program and personally attended internal meetings at Roskomnadzor with Khutortsev.

Another source with ties to Roskomnadzor confirmed this information to Meduza. “TsMU was officially created a few months ago, and now they’re dealing with issues related to the creation of an ‘Automated Security System for the Russian Segment of the Internet,’” says Meduza’s source. “‘E.Soft’ is definitely involved in the design work. They handled the technical work, in any case, and Khutortsev is the one really managing the whole process.” “E.Soft” is one of Roskomnadzor’s regular contractors for developing different IT systems and providing technical support. Every year, the company wins contracts from the agency worth hundreds of millions of rubles, awarded without any rival bids in a “sole supplier” format. Spokespeople for E.Soft did not respond to Meduza’s inquiries.

“Yes, Sergey was apparently chosen to head TsMU and he’s already on the job. He’s an excellent technical specialist, but I can’t say for certain where he’s worked in the past, in the FSO, at Rostelecom, or GRChTs. I haven’t seen his CV,” says a source who works in Russia’s communications industry. 

Rostelecom spokesman Andrey Polyakov confirmed that Sergey Khutortsev no longer works at the company, but he did not answer Meduza’s questions about Khutortsev’s new employment. Roskomnadzor’s press office did not respond to Meduza’s questions about TsMU’s creation or Khutortsev’s appointment, saying only that agency’s operations are on schedule. Meduza was unable to reach Sergey Khutortsev.

Getting a missile to America

Sergey Sergeyevich Khutortsev is 39 years old. He graduated from the Peter the Great Military Academy of Strategic Missile Forces in the early 2000s and then served in Russia’s missile corps, before going to work for the FSO, an acquaintance told Meduza. Another source with access to Moscow’s residency database confirmed this information.

There are many competent specialists in various technical fields in Russia’s armed forces, but they’re not connected to the Internet, says Viktor Murakhovsky, a member of the Russian Military‑Industrial Commission’s board of experts. He says specialized institutions of higher education (for example, the Peter the Great Military Academy of Strategic Missile Forces) maintain large scientific schools in areas related to information technology “particularly focused on tactical control systems.”

“Information technology has been used since the beginning to launch missiles. It’s not easy, you know, getting a missile to America. It’s more than 11,000 kilometers [6,835 miles] if you do the calculations on paper. Additionally, the first computers in this country were created specifically for military use. So people from the armed forces have a good technical foundation,” Murakhovsky says.

A source close to Roskomnadzor and another individual who participated in the agency’s pilot program in the Urals told Meduza that Sergey Sergeyevich Khutortsev’s father is Lieutenant-General Sergey Vladimirovich Khutortsev, who currently serves as director of the federal government’s State Defense Orders Department.

Image
Lieutenant-General Sergey Vladimirovich Khutortsev (front) addressing Russia’s Military‑Industrial Commission on April 29, 2008
Alexander Saverkin / TASS

According to his official biography published on the Defense Ministry’s website, Khutortsev Sr. graduated from the Chief Marshal of Artillery Nedelin Rostov Higher Military Engineering School and served for several decades in Russia’s missile corps. From 2001 to 2006, he was the chief of staff and first deputy commander of Russia’s Strategic Missile Forces. After joining the Reserves, he went to the Economic Development Ministry, and Prime Minister Vladimir Putin appointed him director of the federal government’s State Defense Orders Department in 2009.

In 2001, the military’s official newspaper of record, Krasnaya Zvezda, published an essay about famous missile specialists raised in Rostov-on-Don. “There are hundreds and hundreds of dynasties in the military’s strategic missile forces. The Khutortsev dynasty is perhaps the most notable of them,” says the text. Khutortsev Jr.’s grandfather, Vladimir, was an artillery gunner during the Second World War and was later appointed the commander of an artillery brigade in the USSR’s Supreme High Command Reserve in Buynaksk, Dagestan.

“Before going into the Reserves, Colonel Vladimir Khutortsev served as a deputy department head at the Rostov Higher Military Engineering School. Years later, his son, Sergey, a future missile commander, lieutenant general, and chief of staff of the Strategic Missile Forces, came to study behind these same walls. His brother, Valery, is now the deputy director of academic and scientific work at the Rostov Military Institute. And Khutortsev Jr., Sergey Sergeyevich, will graduate next year from the Peter the Great Military Academy of Strategic Missile Forces,” says the now 18-year-old Krasnaya Zvezda article.

Two sources confirmed to Meduza that Sergey Vladimirovich Khutortsev has another son named Alexander who also works for the federal government. According to records dated several years ago on the state website Gossluzhba.gov.ru, someone named Alexander Sergeyevich Khutortsev served as an adviser in the government cabinet’s Information Technology and Communications Department. Sources told Meduza that Alexander Khutortsev is still working in this department today.

Cabinet spokespeople would not tell Meduza if Alexander Khutortsev still serves as an adviser for the government. Sergey Vladimirovich Khutortsev also ignored Meduza’s questions, submitted through the government’s press service.

Story by Maria Kolomychenko

Translation by Kevin Rothrock