Russian Federal Security Service Blocks ProtonMail During Protests

Posted on the 25 March 2019 by Darkwebnews @darkwebnews

Russia's Federal Security Service recently accused users of anonymous email services of facilitating false bomb threats.

The government then used this justification to enforce a block against end-to-end encrypted email provider ProtonMail.

The news about the block order appeared on a Russian blog after the information was obtained from the former KGB, today's state Federal Security Service.

In late-January, the police received various bomb threats through email, ultimately prompting the evacuation of government buildings and schools.

The Block's Instant Implementation

After Russian police received multiple alarming threats via email, they immediately took matters into their own hands.

By the order, a total of 26 internet addresses and a few servers were blocked.

Using a specific method, called BGP blackholing, the internet providers had to implement the block order right away.

This technique is known for not routing the internet traffic to its destination, but for simply telling the routers to throw it away.

As a result, the users cannot receive nor send any emails. The site, however, is still able to load.

Habr, a Russian blog, reported the ban on ProtonMail IP addresses in several regions in Russia. The post was updated with news as it developed earlier this month.

Andy Yen, the founder and CEO of ProtonMail, wrote a blog post alerting users to the issue. In an email to TechCrunch, Yen further described the Russian block as "particularly sneaky."

According to Yen's statement, his service is blocked in a very subtle manner, since the block is focused on the access to the mail servers of ProtonMail.

Further, Yen explained that most of the Russian mail servers, including Mail.ru, are not capable of delivering any mail to ProtonMail, yet Russian users have no issues getting messages in their inbox.

The Russian order mentioned two separate servers for blocking, both of which are back-end servers for delivering mail.

The front-end website, which actually runs in a completely different system, was not listed in the order.

Threats to Security

The block of ProtonMail and the other servers coincidentally happened amidst protests against the Russian government's efforts toward restricting the internet.

The critics labeled this movement as Kill Switch. Known for its continual efforts to repress the freedom of speech, the Kremlin argued that disconnecting from the internet is a way to protect the infrastructure of the country in the event of a cyberwar.

Wholesale blocking the service of ProtonMail in Russia, as Yen stated, is a big mistake of the authorities since more damage is done to the Russian citizens than good.

As an encrypted email provider, ProtonMail equips users with the tools they need to stay safe on the internet.

Blocking such a service is a poor approach to achieving greater online security, explained Yen.

Problems with ProtonMail were first noticed on March 10, which was the exact same day as the protests in Moscow. Around 15,000 people participated in the protest.

However, such efforts from the Russian authorities are not the first of their kind.

In 2014, the Russian restraint on the internet intensified. Back then, the tech companies that operated in the country were lawfully ordered to store the data of the Russian users within the country's borders.

Social media platforms such as LinkedIn were among those affected by the policy. This ultimately led to a nationwide ban on LinkedIn in 2016.

In April 2018, the Russian government once again proved to have issues with encrypted messaging services.

An immediate order from the government blocked Telegram, and the authorities managed to crack down on citizens' access to free information online.

Facebook and Twitter were recently requested to obey the law or else they would face a ban as well.

TechCrunch requested a comment regarding the ProtonMail block from Roskomnadzor, the federal authority responsible for censorship in media and telecommunications. A response was never received.

Disclaimer: