By Andrei Soldatov and Irina Borogan 

The day Putin was sworn in at the Kremlin, he signed the Executive Order on Russian development goals to 2036. Among the many promises was “ensuring Internet sovereignty and information security in the Russian Internet.”

It’s clear what that means: Putin has been absolutely consistent in what he expects from national information security and has shown just how much he cares about the issue — he signed his first Doctrine of Information Security as early as 2000. In essence, this means the isolation of the Russian information space — which includes media and all kinds of communication — from the West.

Ever since 2000, the Kremlin has been constantly and consistently expanding the areas that had to be protected from the West — the May 8 Executive Order, for instance, bans video games that “distort” Russian history.

This approach is easier to grasp once it’s understood that the West is seen by Putin and his regime as a biolab-producing mind virus liable to infect the Russian people. It is therefore an existential issue for an autocratic government to prevent Western media, Western technologies, Western ideas, and Western social media from influencing Russian public opinion.

Only in this way can the regime hope to ensure its survival. In most countries, this is the primary task of the secret police.  

The Kremlin can now boast years of experience in such work in an increasingly challenging global environment, which puts it in a good position to successfully sell this experience elsewhere in the world. By expanding the reach of the Russian regime through intelligence service supply, it may also hope to emulate the mercenary model of the former Wagner Group, which has extended Russia’s military reach and kleptocratic business model.

Two weeks before Putin’s inauguration, the Russian Security Council convened a major conference in St Petersburg — The 12^th International Meeting of High-Ranking Officials Responsible for Security Matters.

Organized by Nikolai Patrushev (the head of the Security Council until May 12, when he was shuffled aside), this was the latest in a series of meetings since 2010 designed to boost Russian intelligence and security agencies’ exports to friendly nations.

The conferences court high-ranking security officials of the target countries, especially heads of national security councils, national security advisers, deputy prime ministers, and heads of security and intelligence agencies. This year, the conference gathered security mandarins from 106 countries.

Cuba, Sudan, Syria, Brazil, Bolivia, Thailand, Kazakhstan, many African countries, and many in the Middle East, sent their security supremos to St Petersburg.  

There were two key topics — information security, and protection of traditional values/national identity.

Patrushev, displaying his trademark disdain for subtlety, openly advertised Russian cyber companies to the participants. He listed seven firms:

• Angara Security launched by a former CEO of Informzashita (under European Union sanctions);
• Kod Bezopasnosti, led by a graduate of the FSB Academy;
• Positive Technologies, sanctioned by the US for helping Russian spy agencies recruit new talent;
• Cyberus led by former employees of Positive Technologies;
• Kaspersky Lab;
• Solar, the national telecom operator Rostelecom’s security branch; and
• Security Vision, a company with contracts with the Federal Protection Service, FSO.

The audience was well chosen and demonstrated the Kremlin’s keen understanding of how things really work in authoritarian regimes. In such countries, contracts are determined through contacts with or favors from the boss class  — and it makes things much better if the boss happens to be the head of the national security agency or secret police force. 

Nor could anyone among the invited security mandarins labor under the illusion that any Russian offer would include a backdoor to their computer systems for the Russian intelligence services.

When Patrushev delivered his opening speech, the head of the Russian Foreign Intelligence Service, the SVR, Sergey Naryshkin was seated at his right hand. It is also a well-established fact that Russian cyber companies have a history of cooperating intimately with Russian intelligence agencies, and the products the companies offer are known to collect massive amounts of data from their customers’ devices.

For instance, Kaspersky Lab was banned from US federal government contracts because of questions about the highly intrusive way Kaspersky Lab software treats the computer systems they are supposed to protect.

And nobody has any illusion either that Russian cyber agencies remain perfectly capable of launching cyber-attacks and of conducting cyber espionage operations — the authorities of many European countries could speak to that: Germany, for one, this month recalled its ambassador from Moscow for consultations and summoned a top Russian envoy over a series of cyber-attacks targeting the governing Social Democratic Party and the country’s defense and technology sector last year. Both were attributed to Russian military intelligence.

But the Kremlin’s target audience of security mandarins who traveled to St Petersburg doesn’t care much so long as it provides protection against the Americans.

For such countries, Russia is offering to shield their information spaces from the pernicious threat of Western influence, including cyber security, but also control of social media. For many such countries, one of the ostensible purposes of the St Petersburg meeting — the protection of traditional values —  is easily understood; it means the protection and survival of the political regime.

This is very appealing to many regimes. They are prepared to pay top dollar to Putin’s spooks to make it happen.