WikiLeaks reveals Russia’s surveillance tools, and the company that builds them
20 September 2017 |
A Russian firm offering billing services is now colluding with the country's intelligence agencies and is offering them unmatched surveillance technologies to spy on citizens, claims WikiLeaks.
Russian authorities are using technologies provided by PETER-SERVICE to track phone records, texts, IMEIs and IP addresses of Russian citizens.
Russia's new cyber security law- the Yarovaya Law, offers sweeping powers to the authorities to carry out mass surveillance on citizens and their online activities, sometimes even without accompanying court orders. A major tool for surveillance is SORM- a software created by the FSB, the successor to the Soviet KGB.
As per law, all telecom operators in Russia are now obligated to install SORM at their own expense. According to a recent expose by WikiLeaks, SORM has evolved over the years and the data it can collect is not restricted to Internet traffic or mobile phone communications alone.
The third-generation SORM-3 can now track and collect data from social media platforms and is now equipped with Deep Packet Inspection (DPI) capability which was declared in breach of the European Convention on Human Rights in 2015.
While the active surveillance carried out by the Putin administration may not surprise many, what comes as a surprise is that a private firm is actively working with and helping state agencies conduct surveillance on a large scale.
According to documents leaked by WikiLeaks and dating between 2005 and 2015, a billing services provider called PETER-SERVICE 'appears to be quite actively pursuing partnership and commercial opportunities with the state intelligence apparatus'.
The documents suggest that PETER-SERVICE has more than 1000 employees in different locations in Russia and is now developing cutting-edge software products that help Russian intelligence agencies gain remarkable visibility into the data of Russian subscribers of mobile operators.
Software provided by PETER-SERVICE can capture valuable metadata that include 'phone and message records, device identifiers (IMEI, MAC addresses), network identifiers (IP addresses), cell tower information and much more'. They also help in data retention, long-term storage in SORM, IP traffic analysis and interfaces (adapters) for state agencies to access the archives.
While the Data Retention System (DRS) built by PETER-SERVICE can handle 500,000,000 connections per day and stores metadata locally for a maximum of three years by law, the Traffic Data Mart (TDM) records and monitors IP traffic for all mobile devices registered with telecom operators.
The documents also reveal that instead of upholding citizen privacy, PETER-SERVICE actively advertises the fact that it can collect, manage and analyse "Big Data" for commercial and intelligence purposes.
'From DPI solutions for SORM to contextual advertising, we have the experience and the solution. We are offering to coordinate a scalable national solution for control of the digital network. We strive for effective cooperation within a symbolic network alliance: operator - vendor - search engine - business - state organs,' the company states.
Latest posts by Jay Jay (see all)
- Europol busts international e-commerce fraud ring, arrests 95 fraudsters - 22nd June 2018
- Infosec professionals believe nation-state attacks will rise this year - 22nd June 2018
- Flightradar24 data breach exposed email IDs & hashed passwords of 230,000 customers - 22nd June 2018
- Islington Council asked residents to share credit card details in plain text - 21st June 2018
- Cyber criminals leveraging fake Fortnite for Android apps to generate clicks - 21st June 2018