Russia Will Stop Using Western Software for Critical Infrastructure by 2025

pcmag.com:

Russia President Vladimir Putin has reportedly ordered critical infrastructure operators to stop using foreign software, which purportedly represents a national security risk, by 2025.

The Register reports that Putin signed Order No. 166 (PDF), titled "On measures to ensure the technological independence and security of the critical information infrastructure of the Russian Federation," on March 30. The order went into effect the following day.

"From here on," The Register says, "organizations must seek approval before they can buy in overseas software for this level of infrastructure. Putin also prohibited public agencies and other customers from using foreign software as of January 1, 2025."

The order follows many Western tech companies—including Microsoft—halting sales in Russia in response to the invasion of Ukraine. Even the software that remains available could pose a problem, too, because of calls for companies to stop providing security updates within Russia.

Russia's invasion of Ukraine has also prompted the rise of "protestware" in open source projects that seek to disrupt Russian operations. One project was modified to delete files on Russian and Belarusian systems, for example, while another showed a "call for peace" on Russian devices.

The Register reports that Order No. 166 "asks the Russian government to form a group focused on developing, producing, and maintaining trusted software and hardware for critical infrastructure projects" in addition to requiring government agencies to adopt these new rules.

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter