In form of war in ukraine Unveiled last year, Russia’s best digital spies have turned to new tools to battle the enemy on another front: those opposing the war within their own borders.
To aid the internal crackdown, Russian authorities had assembled an arsenal of technologies to monitor citizens’ online lives. After the invasion of Ukraine, its demand for more surveillance equipment increased. This helped spur a cottage industry of technical contractors, who made products that have become a powerful – and new – means of digital surveillance.
The technologies have given police and Russia’s Federal Security Service, known as the FSB, access to a range of spying capabilities focused on the day-to-day use of phones and websites. According to documents from Russian surveillance providers obtained by The New York Times, the tools can track certain types of activity on encrypted apps like WhatsApp and Signal, monitor phones’ locations, identify anonymous social media users and break into people’s accounts. provide methods. Also security experts, digital activists and a person associated with the country’s digital surveillance functions.
President Vladimir V. Putin Technology is leaning more heavily to harness political power as Russia faces military setbacks in Ukraine, economic sanctions and leadership challenges following an uprising. Yevgeny V. PrigozhinCommander of the Wagner Paramilitary Group. In doing so, Russia – which once lagged behind authoritarian regimes such as China and Iran in using modern technology to exert control – is making rapid strides forward.
“It has made people very nervous, because if you communicate with someone in Russia, you cannot be sure whether it is safe or not. They are very actively monitoring traffic,” said Russian opposition political figure and digital rights activist Elena Popova. “It used to be only for the workers. Now they have extended it to all those who disagree with the war.”
The effort has filled the coffers of a group of relatively unknown Russian technology firms. Many are owned by the Citadel Group, a business that once partially controlled Alisher Usmanovwhich was targeted by the European Union Sanctions As one of Mr Putin’s “favourite oligarchs”. Some companies are trying to expand abroad, increasing the risk that the technologies will not stay inside Russia.
Companies with names such as MFI Soft, VasExperts and Protini typically began manufacturing aggressive parts of Russia. Telecom Wiretapping System before producing more advanced equipment for the country’s intelligence services.
The easy-to-use software that plugs directly into telecommunications infrastructure now offers a Swiss-army knife of espionage possibilities, including engineering schematics, emails and screen shots, according to the documents. The Times obtained hundreds of files from a person with access to internal records, about 40 of which detail surveillance equipment.
A program mentioned in the material can identify when people make voice calls or send files on encrypted chat apps such as Telegram, Signal and WhatsApp. The software can’t intercept specific messages, but it can determine whether someone is using multiple phones, track communications with others and map their relationship networks, and on a given day can triangulate which phones have been in certain locations. Another product may collect passwords entered on unencrypted websites.
These technologies complement other Russian efforts to shape public opinion and suppress dissent. a publicity campaign on state media, and more strong internet censorship and new efforts collect data on citizens And encourage them to report social media posts that undermine the war.
They introduce an off-the-shelf tool kit for dictators who want to exert control over what is said and done online. A document outlining the capabilities of various technology providers referred to the “wiretap marketplace”, a supply chain of equipment and software that pushes the boundaries of digital mass surveillance.
Adrian Shahbaz, vice president of research and analysis at Freedom House, a pro-democracy advocacy group that studies online, said the authorities are “essentially developing a new group of Russian companies that have emerged as a result of the state’s repressive interests.” Harassment. “Spillover effects will be felt first in the surrounding area, then possibly around the world.”
Beyond the ‘Wiretap Market’
Over the past two decades, Russian leaders have struggled to regain control of the Internet. To remedy this, he ordered the system to track phone calls and unencrypted text messages. He then demanded that Internet service providers store a record of all Internet traffic.
Extension Program – formally known as System for Operative Investigative Activities, or SORM Was an imperfect means of surveillance. Russia’s telecom providers often install and update technologies incompletely, which means the system doesn’t always work properly. The amount of incoming data may be excessive and unusable.
At first, the technology was used against political rivals such as supporters Alexey A. NavalnyJailed opposition leader. Digital rights experts said demand for the equipment increased after the invasion of Ukraine. Russian officials turned to local tech companies that built the old surveillance system, demanding more.
According to the US State Department, the move benefited companies such as Citadel, which bought many of Russia’s largest manufacturers of digital wiretapping equipment and controls about 60 to 80 percent of the market for telecommunications surveillance technology. United States announced Sanctions against the Citadel and its current owner, Anton Cherepennikov, in February.
“The military and communications-related sectors are getting a lot of funding right now as they adapt to new demands,” said Ksenia Ermoshina, a senior researcher studying Russian surveillance companies with Citizen Lab, a research institute at the University of Toronto.
New technologies provide Russia’s security services with a wide view of the Internet. A tracking system from MFI Soft, a subsidiary of Citadel, helps display information about telecom customers, along with statistical analysis of their Internet traffic, on a special control panel for use by regional FSB officers, according to a chart does.
Another MFi soft tool, NetBeholder, can map the locations of two phones over the course of the day to find out if they bumped into each other at the same time, indicating a possible meeting between the people.
A separate feature, which uses location tracking to check whether multiple phones are often in the same area, detects if a person is using two or more phones. With full access to telecommunications network subscriber information, NetBeholder’s system can also find out which region in Russia each user is from or which country a foreigner comes from.
Another company, Proti, offers products that provide voice-to-text transcription for intercepted phone calls and tools to identify “suspicious behavior,” according to a document.
Russia’s vast data collection and new tools make a “killer combo,” said Ms. Ermoshina, who said such capabilities are becoming increasingly widespread across the country.
Citadel and Protini did not respond to requests for comment. A spokesman for Mr Usmanov said he “has not participated in any management decisions for many years” involving USM, the parent company that owned Citadel until 2022. The spokesman said Mr Usmanov owns 49 per cent in USM, which sold Citadel because surveillance technology had never been in the firm’s “area of interest”.
VAS experts said the need for its equipment is heightened by the “complex geopolitical situation” and the amount of threats inside Russia. It states that it develops “telecommunications products that include equipment for lawful interception and are used by FSB officers fighting against terrorism,” adding that if the technology could “save at least one life and We work for a reason, if it will save the good of the people.” ,
no way to mask
As authorities crack down, some citizens have turned to encrypted messaging apps to communicate. Yet the security services have found a way to track those conversations, according to files reviewed by The Times.
A feature of NetBeholder uses a technique called deep-packet inspection, which is used by telecommunications service providers to analyze where their traffic is going. Similar to mapping streams of water in a stream, software cannot intercept the content of messages, but it can identify which data is flowing where.
This means it can detect when someone sends a file or connects to a voice call on an encrypted app like WhatsApp, Signal or Telegram. This gives the FSB access to important metadata, which is general information about communications such as who is talking to whom, when and where, as well as whether any files are attached to a message.
In the past, governments were forced to make requests to app makers like Meta to get such information. owns whatsapp, Those companies then decide whether to provide it or not.
The new tool has alarmed security experts and makers of encrypted services. Although many knew such products were theoretically possible, they did not know they were now being made by Russian contractors, security experts said.
Some encrypted app tools and other surveillance technologies have begun to spread outside Russia. Marketing documents show efforts to sell the products in Eastern Europe and Central Asia as well as in Africa, the Middle East and South America. In January, Citizen Lab The report states that the Proteus tool was used by an Iranian telecom company to log internet usage and block websites. Ms Ermoshina said the system had also been spotted in Russian-occupied areas of Ukraine.
For the makers of Signal, Telegram and WhatsApp, there are only a few defenses against such tracking. This is because the authorities are collecting data from internet service providers with a bird’s eye view of the network. Encryption can hide specific messages being shared, but cannot block records of an exchange.
“Signal was not designed to hide the fact that you are using Signal from your own Internet Service Provider,” Meredith WhitakerThe president of the Signal Foundation said in a statement. He called on those concerned about such tracking to use a feature that routes traffic through a separate server to obscure its origin and destination.
In a statement, Telegram, which does not encrypt all messages by default, also said that nothing can be done to hide traffic going to and from chat apps, but said that people can block Telegram traffic. May use features designed to make it difficult to identify and follow. , WhatsApp said in a statement that the surveillance tools were “a serious threat to people’s privacy globally” and that it would continue to protect private conversations.
The new tools will likely change the best practices of those who want to hide their online behavior. In Russia, the mere existence of a digital exchange between a suspect and another person could lead to a deeper investigation or even an arrest, people familiar with the process said.
Mr Shahbaz, a Freedom House researcher, said he expected Russian companies to eventually become rivals to the usual purveyors of surveillance equipment.
“China is the pinnacle of digital authoritarianism,” he said. “But there has been a concerted effort in Russia to make the country’s internet regulations more similar to China’s. Russia will emerge as a competitor to Chinese companies.