Prior to 1990 there were very few internet pages in the USSR. There wasn’t a country domain designation, so without URLs there wasn’t an easy way for internet users to construct websites or web pages at a particular address. Other than a few academic URLs, there were no addresses that had integrated with the larger American internet address system. The same problem was true in Europe, but in 1989 and 1990 a whole new group of country-specific internet addresses was created: for example, “.yu” for Yugoslavia, “.pl” for Poland, and “.cs” for Czechoslovakia. A 19-year-old Finnish student named Petri Ojala established the “.su” internet address for the Soviet Union.
The Red-Headed Step-Child
The day after Christmas in 1991, December 26, the Soviet Union went out of existence, but the “.su” internet address has lived on. Russia emerged from the communist experiment and established an internet presence using the “.ru” address tag at the end of URLs in 1994, but the “.su” tag was never discontinued. It never received a lot of use, but it stumbled along as the orphan child of a failed empire.
Then in 2011 the administrators of Russia’s “.ru” domain space tightened up their rules for use and continued service. Those who would not conform to the new rules were subject to loss of web pages. The rules were designed to eliminate internet fraud. According to internet security experts, it was soon after these new rules went into effect that scammers began to migrate their registration onto the old “.su” domain space. Russia now has two official internet watchdogs and according to one of them, the “.su” domains are now populated by more than half of Russia’s cybercriminals.
The internet hosting operators of the “.su” domain have stubbornly resisted pulling the plug on this rogue digital badlands, claiming commercial and patriotic defensive reasons. But the truth is, other Cold War-era domain names of countries that disappeared, like East Germany and Yugoslavia, were discontinued after the country dissolved into new political entities. The “.su” domain is a willful haven for sites that control botnets, which are the networks that hijack computers and use them for malicious or criminal activities like emptying bank accounts. Another common abuse perpetrated by “.su” sites is to take hold of another person’s servers and hold them for ransom. The hacker finds a way into the target’s hard drive, often of foreigners in the U.S. or Europe, and demands payment to release that drive from rogue code.
There are also legitimate websites that use the “.su” domain. Many are involved with Soviet-era history, but that could be presented on “.ru” just as easily and just as appropriately. Currently the “.su” domain is controlled by a Moscow-based non-profit called the Foundation for Internet Development, which is headed by Sergei Ovcharenko. According to Ovcharenko, the problem is not with his organization, but with weak Russian legislation regarding internet use and outdated terms of service. Ovcharenko claims his group is calling on the Russian government to tighten laws relating to cybercrime so his organization can more easily close down rogue sites.
Undoing A Rogue Domain
There are currently well over a hundred thousand registered domains using the “.su” tag. That makes elimination of the “.su” tag difficult. Way back in 2007 the official United States Internet Corporation for Assigned Names and Numbers (ICANN), which organizes the domain naming system for the global internet, noted the persistence of “.su” domain use at an ICANN meeting in Lisbon. Alexey Soldatov of the Fund on Internet Development wrote to Paul Twomey, the CEO of ICANN, and said the “’.su’ code element had been removed from the ISO 3166-1 standard.” The internet is organized on several levels and the ISO 3166-1 standard directs the top-level of internet organization, which is where country codes are supposed to be derived.
But here’s the problem as Soldatov wrote about it back in 2007. “…the current .SU top-level domain user community, which largely established itself in the period between 1992 and 1998 when all the former Soviet Union countries received top-level domains, consists of more than 8,000 second level domains and more than 100,000 third level domains.” In other words, from the very beginning the structure of the “.su” country code was arranged at the lower levels of the internet’s global ICANN structure.
As far as removing the “.su” domain, that means things get messy. Back in 2007 when ICANN looked at this, the cybercrime element hadn’t migrated into that “.su” structure, so apparently there wasn’t any immediate reason to undo what had developed. Here’s how Soldatov described it: “These numbers suggest that wide adoption on the Internet of the former SU (virtual) space and reflect the existence of a community that identifies itself by a common language, distinct cultural roots, a unified history, and human, business and scientific links.”
The letter Alexey Soldatov and his colleague Alexei Platonov sent to Paul Twomey back in 2007 concluded with a suggestion that the top-level domain designation of “.su” could be migrated to a different top-level domain designation, which would probably be the “.ru” domain. He went on to say that the migration process would be complex and that it should be done over a long period of time, and suggested 10 to 15 years would be sufficient. Apparently that is not what has happened, and in the meantime the orphaned “.su” domain has continued to grow a small but diverse community that includes a substantial rogue element of malicious hackers. The “.su” domain affords these hackers a longer time span to operate their criminal schemes because it takes longer for the non-profit Foundation for Internet Development to take down criminal sites. Those sites often are up and running for many months at a time before they are forced off of their “.su” addresses.