Russian media reported that Alexander Khinshtein, the head of the Duma committee on information policy, announced that the Russian government is evaluating to avoid punishing hackers acting in the interests of Moscow.
“The question of their exemption from liability needs to be worked out, said Alexander Khinshtein, head of the Duma committee on information policy.” reported the Govoritmoskva website.
The Russian government recognizes the importance of cybercriminal gangs and hacktivists’ contribution to the defense of its interests. This is an important official announcement, even if the Russian government in the past demonstrated indulgence for cybercriminal gangs that avoided hitting computers in the country. Multiple ransomware gangs developed their malware to avoid infecting systems in the Commonwealth of Independent States (CIS) region (formed following the dissolution of the Soviet Union in 1991) and instructed the network of their affiliates not to target Russian organizations.
The topic is crucial, especially in this historical moment, the ongoing conflict between Russia and Ukraine is characterized by the presence of non-state actors in cyberspace, whose operations are reshaping the threat landscape.
“We are talking about, in general, working out the exemption from liability of those persons who act in the interests of the Russian Federation in the field of computer information both on the territory of our country and abroad,” TASS quotes Khinshtein.
The Russian Parliament announced that this proposal will be discussed more in detail in the next months with the intent to better formulate this initiative.
The Russian law framework currently punishes crooks charged with creating, using, and distributing malware with up to seven years in jail.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Russian Government)