Sanctioned Russia emerges unscathed in global IT outage

Russian officials boasted on Friday that Moscow was spared the impact of the global IT systems outage because of its increased self-sufficiency after years of Western sanctions, though some experts said Russian systems could still be vulnerable.

Microsoft and other IT firms have suspended sales of new products in Russia and have been scaling down their operations in line with sanctions imposed over Russia's war in Ukraine, which Moscow describes as a special military operation.

CrowdStrike, a U.S. cybersecurity company whose widely used "Falcon Sensor" software caused Microsoft Windows to crash, had no known customers in Russia. The Russian market is dominated by local cybersecurity firms such as Kaspersky Labs.

"CrowdStrike has not provided any services in Russia, since February 2022 for sure," Mikhail Klimarev from the non-governmental Internet Protection Society told Reuters.

The Kremlin, along with companies from state nuclear giant Rosatom, which operates all of Russia's nuclear plants, to major lenders and airlines, reported no glitches amid the outage that affected international companies across the globe.

"The situation once again highlights the significance of foreign software substitution," Russia's digital development ministry said.

Russian financial and currency markets also ran smoothly.

"Everyone has long been preparing for the possibility of being cut off from Microsoft due to sanctions. The current incident is a test of how well we have prepared. So far, everything is fine, at least for the major players, and generally, there is no panic in the market," one currency trader, who wished to remain anonymous, told Reuters.

Russia's second-largest lender, VTB, announced plans to increase the share of domestically developed software to 95% by the end of this year, up from 85% currently. The bank said it invested 50 billion roubles ($571.46 million) this year alone in phasing out foreign software.

However, IT expert Eldar Murtazin said the risks posed by insufficient testing of new software updates were universal, and Russian software was not necessarily immune to future glitches like the one that hit CrowdStrike.

"Such issues can happen to any software, whether Russian or non-Russian, if there are no proper controls over new releases. If such an outage had occurred 3-4 years ago, a number of Russian companies would have been affected," Murtazin told Reuters.