Security vendor UpGuard announced a data breach this week, saying its researchers found 1.7TB of data on a public rsync server, and the data content revolves around Russia’s network monitoring system SORM.
It is reported that the full name of SORM is “System for Operative Investigative Activities”, which allows the Russian Federal Security Service (FSB) to legally intercept the communication network in Russia. It existed as early as 1995.
The incident involved Nokia Networks and Russia’s telecommunications company Mobile TeleSystems, which finally confirmed that the data was leaked due to the personal negligence of Nokia employees. Nokia confirmed that this was because a Nokia employee took the old work files home and inserted the filed mobile hard disk into the computer. Due to the lack of security configuration, they could be accessed without authentication. After learning about this, Nokia had asked employees to take the device offline and bring the file back to Nokia.
The document shows that Nokia is one of the suppliers of Russian SORM systems, designing and building SORM systems for local telecommunications or network providers. The Russian government originally only required telecom companies to have built-in SORM systems to facilitate government monitoring of calls or text messages, but recently it has also begun to require ISPs and other network vendors to install SORM systems.
Among the leaked 1.7TB files, there are up to 700GB of video files, letting people know about the hardware configuration of SORM, such as a SORM device may be about the same size as a washing machine or a refrigerator, as well as a floor plan of a network device.
The document shows that SORM systems are installed in at least 16 cities in Russia, and law enforcement agencies can access these systems via VPN or other means.
However, UpGuard said that due to the existence of this portal, other countries including the United Kingdom and the United States also have the opportunity to monitor traffic in Russia, because access rights do not seem to be safe.
Published by Emerson L. Sullivan & last updated on September 23, 2019 2:19 am