Russia targets Telegram; bans Amazon, Google IPs
THE MOVE to ban these IP blocks is a response to Telegram moving some of its infrastructure to Amazon Web Services and Google Cloud servers over the weekend to skirt the initial ban and provide service to Russian users.
Moscow, April 17: Roskomnadzor, Russia’s telecommunications watchdog, banned today over 1.8 million IP addresses belonging to Amazon and Google’s cloud infrastructure.
The IP ranges account for 1,835,008 IPs.
The move to ban these IP blocks is a response to Telegram moving some of its infrastructure to Amazon Web Services and Google Cloud servers over the weekend.
Roskomnadzor banned the Telegram instant messaging client inside Russia’s border on Friday, after the messaging company refused to hand over customers’ encryption keys to the FSB, Russia's main intelligence service.
By moving servers to Amazon and Google servers, Telegram was able to skirt the initial ban and provide service to Russian users over the weekend.
Many users ridiculed Roskomnadzor’s decision on social media, and for good reasons, as the move to mass- ban so many IP addresses had secondary repercussions, as it also blocked many legitimate web services. Users reported many online games, mobile apps, and cryptocurrency services going dark over the course of the day.
Meanwhile, Britain and the United States on Tuesday released a rare joint statement warning of “malicious cyber activity” carried out by Russia.
The technical alert was issued by the UK's National Cyber Security Centre, the US Federal Bureau of Investigation and department of homeland security.
“The targets of this malicious cyber activity are primarily government and private- sector organisations, critical infrastructure providers and the ISPs supporting these sectors,” the statement said.
It warned everyone from internet service providers to home office customers to heed the warning, after the government agencies found cyber attacks targeting devices such as internet routers.
“Russian state- sponsored actors are using compromised routers to conduct spoofing ‘ man- inthemiddle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,” the UK and US warned.
They cited cyber security research organisations and other governments as providing evidence of such attacks, without providing details of their timing or scale. “The current state of US and UK network devices, coupled with a Russian government campaign to exploit these devices, threatens our respective safety, security, and economic wellbeing,” the technical alert said.