This is the first in a series of blog posts which assess how an increasing number of nation states are seeking to disconnect their internet from the wider global internet. The decision to do so could lead to a ‘Balkanised’ internet, reflecting the breakdown of the Ottoman Empire in the 20th century into a collection of hostile and uncooperative states. It could also pose issues for organisations working in these states, as we assess throughout the series.
Introduction
Last May, Vladimir Putin signed into law a bill to explore the possible disconnection of the Russian Internet (RuNet) from the global Internet, which would allow Russian networks to continue operating in the event of a major cyberattack or geopolitical crisis.[1]
This is the latest development in the process of what has
been described as the “Balkanisation” of the Internet, as an increasing number
of nation-states look to reinstate their digital sovereignty by enforcing data
localisation laws, new regulatory regimes, and setting up national intranets. As
a result, the Internet could devolve into a series of hostile and uncooperative
states and networks. This new “Splinternet” could lead to limited cross-border data
flows, Internet censorship, and heightened cybercriminal activity.
The term “Balkanisation” derives from the fragmentation of
the Ottoman Empire into smaller, hostile states in early 20th
century. The end of the Ottoman cultural and political hegemony over the
Balkans led to a near-century of military conflict and humanitarian crisis in
the region. Much like the Ottoman Empire, the United States’ hegemony over the Internet
is being increasingly challenged by this process, which itself is driven by a
variety of actors. As a result of this process, the threat landscape is
being increasingly shaped by national policies, as are businesses’ capabilities
to protect themselves against these threats.
With new legislation, nation states will have unprecedented
license to gain access to firms’ proprietary data. Cooperation between private
and public actors will become increasingly limited by compliance and
regulation. Cybercriminals heed no such state boundaries or intranets and
converse freely on the dark web. The Balkanisation of the Internet further
hinders cooperative efforts to fight against such threat actors, and will bring
a host of challenges to businesses, tech firms and cybersecurity firms alike.
As a result, cybercriminals and nation-states alike are adapting their Tactics,
Techniques and Procedures (TTPs) to take
advantage of this Balkanisation, meaning an increasingly unpredictable threat landscape
for businesses.
In this five-part series, Orpheus will be taking a look at
the variety of threats to businesses that arise from the Balkanisation of the Internet,
and how businesses can mitigate these threats through a threat intelligence
provider.
First, this introduction will review the events leading up
to this process of Balkanisation, from the birth of the Internet to the 2013
Snowden leaks.
Second, we will take a look at challenges to businesses
posed by new EU regulations such as GDPR. While it has had a positive impact
overall on cybersecurity, inconsistent enforcement will hinder decision-makers and
businesses. We assess that businesses will continue struggling with compliance
in the foreseeable future.
Third, we will look at India and Brazil’s new data
localisation laws, and their struggle with WhatsApp, whose market position in
these countries is increasingly challenged by local governments, domestic
competitors, and exploitation by cybercriminals. We estimate that businesses
operating in these countries will be increasingly targeted by domestic
cybercriminal activity, who are evolving their TTPs in response to recent
legislation.
Fourth, we will consider Russia’s attempts to enforce
digital sovereignty, which further threatens the security and privacy of
foreign businesses operating in Russia. In
addition, we estimate that Russia’s new laws, if enforced successfully, will
bring significant change to its domestic cybercriminal landscape.
Fifth, we will consider China’s own digital sovereignty
laws, which equally justifies malicious activities and intelligence collection
on foreign firms operating within their borders. We estimate that the
likelihood of sophisticated compromise techniques such as supply-chain or
third-party compromise attacks will grow as a result of this legislation.
Firms are finding it increasingly difficult to comply with these
countries’ regulations without giving in to state censorship or putting their
data at risk. We believe that businesses operating in these states will
struggle with compliance to intrusive digital sovereignty laws and will have to
comply with unregulated penetration testing and minimised cross-border data
flows.
Origins of the Splinternet
The origins of the Internet we know today began with
ARPANET, a joint enterprise between DARPA, the US Department of Defence’s
innovation research agency, and academics from various US universities.
Following the gradual building of submarine cables and its first cross-Atlantic
network in the UK, ARPANET evolved into
a global network in the early 1990s, which saw its first wave of public and
commercial users- which eventually resulted in the creation of the Internet.
From the onset, the Internet was a joint venture by American
research institutions and governmental organisations, which incorporated
liberal values like freedom of speech and assembly. This set the rise of US
technological, cultural and political dominance over the Internet. The undisputed rise of tech giants such as
Google, Amazon, Facebook and Apple (also known as the GAFA), means they now
collect, process, and exchange the data of billions of users worldwide, and
exert political, social and economic influence comparable to that of
nation-states, further perpetuating US influence. Lack of regulation from the
US government has allowed these firms to gain unprecedented access to consumer
data with little respect for consumer privacy or competition law. In addition,
the spread of the Internet eclipsed major powers like Russia and China, as
demonstrated in this 1993 map of networks connected to the Internet (see image
below). Unsurprisingly, the Internet had a low percentage of penetration in
authoritarian regimes like Iran or Cuba.
This all changed in 2013 with the revelation of the infamous Snowden leaks, which can be seen as the starting point for the process of Balkanisation. These massive data dumps of covert NSA operations and tools revealed large-scale surveillance plans by the Five Eyes intelligence agencies. Much like the current discussion surrounding Huawei, the legitimacy of these US companies was called into question because of the firms’ cooperation with state agencies, and as a result states around the world pressed for further regulation.[2]
The wave of announcements following the leaks put in motion
the process of the Balkanisation of the Internet, notably with Dilma Roussef’s
speech in September 2013 at the United Nations General Assembly, where she
announced that Brazil would look to implement its own network and data
protection laws. This fuelled a global movement to secede from the US-led Internet,
as countries like Brazil, Russia, India and China (BRIC) and many others have
moved to build their own sovereign networks, and with supranational
organisations such as the (EU) implementing their own data localisation laws.
The Splinternet was set in motion and has started putting businesses at risk in
a number of countries, as cybercriminals and nation-state actors are adapting
their TTPs as a result.
We will examine the impact of GDPR on businesses and cyber
threat intelligence firms in next week’s post, followed by Brazil and India’s
new data localisation laws the week after.
Get our latest cyber intelligence insights straight into your inbox
Fill out the short form below to subscribe to our newsletter so that you never miss out on
our cyber intelligence insights and news.
Privacy Overview
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Strictly Necessary Cookies
These cookies are strictly necessary to provide you with services available through our website and to use some of its features. These must be enabled at all times, so that we can save your preferences.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
If you do not enable Strictly Necessary Cookies, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Please enable Strictly Necessary Cookies first so that we can save your preferences!
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Request Demo Access
Fill out your details below and we'll be in touch to arrange demo access for you as soon as
possible.