Russia in all the cities has large boxes in locked rooms that are directly connected to the networks of some of the country’s largest phone and internet companies. These boxes give the Russian security services access to the calls and messages of millions of citizens. This government surveillance system remains largely shrouded in secrecy, even though phone and web companies operating in Russia are forced by law to install these large devices on their networks.
Documents seen by TechCrunch offer new insight into the scope and scale of the Russian surveillance system — known as SORM (Russian: COPM). The documents were found on an unprotected backup drive owned by an employee of Nokia Networks, which through a decade-long relationship maintains and upgrades MTS’s network — and ensures its compliance with SORM. Chris Vickery, director of cyber risk research at security firm UpGuard, found the exposed files and reported the security lapse to Nokia.
“A current employee connected a USB drive that contained old work documents to his home computer,” said Nokia spokesperson Katja Antila in a statement. “Due to a configuration mistake, his PC and the USB drive connected to it were accessible from the internet without authentication.” The exposed data — close to 2 terabytes in size — contain mostly internal Nokia files. But a portion of the documents reveals Nokia’s involvement in providing “lawful intercept” capabilities to phone and internet providers, which Russia mandates by law.
SORM, an acronym for “system for operative investigative activities,” was first developed in 1995 as a lawful intercept system to allow the Federal Security Services (FSB) to access telecoms data, including call logs and content of Russians. Since the system’s expansion in recent years, several government agencies and police departments can now access citizens’ private data with SORM.