WikiLeaks reveals Russia’s surveillance tools, and the company that builds them
20 September 2017 |
A Russian firm offering billing services is now colluding with the country's intelligence agencies and is offering them unmatched surveillance technologies to spy on citizens, claims WikiLeaks.
Russian authorities are using technologies provided by PETER-SERVICE to track phone records, texts, IMEIs and IP addresses of Russian citizens.
Russia's new cyber security law- the Yarovaya Law, offers sweeping powers to the authorities to carry out mass surveillance on citizens and their online activities, sometimes even without accompanying court orders. A major tool for surveillance is SORM- a software created by the FSB, the successor to the Soviet KGB.
As per law, all telecom operators in Russia are now obligated to install SORM at their own expense. According to a recent expose by WikiLeaks, SORM has evolved over the years and the data it can collect is not restricted to Internet traffic or mobile phone communications alone.
The third-generation SORM-3 can now track and collect data from social media platforms and is now equipped with Deep Packet Inspection (DPI) capability which was declared in breach of the European Convention on Human Rights in 2015.
While the active surveillance carried out by the Putin administration may not surprise many, what comes as a surprise is that a private firm is actively working with and helping state agencies conduct surveillance on a large scale.
According to documents leaked by WikiLeaks and dating between 2005 and 2015, a billing services provider called PETER-SERVICE 'appears to be quite actively pursuing partnership and commercial opportunities with the state intelligence apparatus'.
The documents suggest that PETER-SERVICE has more than 1000 employees in different locations in Russia and is now developing cutting-edge software products that help Russian intelligence agencies gain remarkable visibility into the data of Russian subscribers of mobile operators.
Software provided by PETER-SERVICE can capture valuable metadata that include 'phone and message records, device identifiers (IMEI, MAC addresses), network identifiers (IP addresses), cell tower information and much more'. They also help in data retention, long-term storage in SORM, IP traffic analysis and interfaces (adapters) for state agencies to access the archives.
While the Data Retention System (DRS) built by PETER-SERVICE can handle 500,000,000 connections per day and stores metadata locally for a maximum of three years by law, the Traffic Data Mart (TDM) records and monitors IP traffic for all mobile devices registered with telecom operators.
The documents also reveal that instead of upholding citizen privacy, PETER-SERVICE actively advertises the fact that it can collect, manage and analyse "Big Data" for commercial and intelligence purposes.
'From DPI solutions for SORM to contextual advertising, we have the experience and the solution. We are offering to coordinate a scalable national solution for control of the digital network. We strive for effective cooperation within a symbolic network alliance: operator - vendor - search engine - business - state organs,' the company states.
Latest posts by Jay Jay (see all)
- Have these soft skills? Then you are right for a cyber security career - 17th October 2017
- Financial firms embracing IoT despite lack of adequate data security levels - 17th October 2017
- UPDATED: Protocol-level security flaws in WPA2 may affect ALL Wi-Fi devices! - 17th October 2017
- Dutch DPA pulls up Microsoft for collecting user data from Windows 10 devices - 16th October 2017
- Hackers breached Pizza Hut website, stole financial info of customers - 16th October 2017