Wikileaks Publishes "Spy Files Russia" Detailing Russia's Mass Surveillance System

Perhaps in an attempt to refute recurring allegations that it has traditionally focused on exposing only US state secrets, if not being an outright covert and subversive Moscow front, today Wikileaks released a new cache of documents which it claims detail surveillance apparatus used by the Russian state to spy on Internet and mobile users. It’s the first time the organization has leaked material directly pertaining to the Russian state.

The full datadump can be found here.

In its summary of the cache of mostly Russian-language documents, Wikileaks claims they show how a long-established Russian company which supplies software to telcos is also installing infrastructure - with the government's blessing - that enables Russian state agencies to tap into, search and spy on citizens’ digital activity, suggesting a similar state-funded mass surveillance program to the one utilized by the U.S.’s NSA or by GCHQ in the U.K. (both of which were detailed in the 2013 Snowden disclosures).

And speaking of, shortly following the publication, another famous whistleblower, one also exiled and currently residing in Russia, Edward Snowden tweeted "Plot twist: @Wikileaks publishes details on Russia's increasingly oppressive internet surveillance industry."

To be sure, arguments have already broken out on Twitter suggesting that Wikileaks/Assange is trying to deflect from charges that it is a front for the Kremlin by finally dumping "something" on Russia. (see this tweet comment thread as one example). Making matters more complicated, it’s not possible at this point to verify the value or veracity of the latest Wikileaks document release.

The documents published today by Wikileaks (there are just 34 “base documents” in this leak) relate to a St. Petersburg-based company, called Peter-Service, which it claims is a contractor for Russian state surveillance. According to Tech Crunch, the company was set up in 1992 to provide billing solutions before going on to become a major supplier of software to the mobile telecoms industry.

Wikileaks writes:

The technologies developed and deployed by PETER-SERVICE today go far beyond the classical billing process and extend into the realms of surveillance and control. Although compliance to the strict surveillance laws is mandatory in Russia, rather than being forced to comply PETER-SERVICE appears to be quite actively pursuing partnership and commercial opportunities with the state intelligence apparatus.

 

As a matter of fact PETER-SERVICE is uniquely placed as a surveillance partner due to the remarkable visibility their products provide into the data of Russian subscribers of mobile operators, which expose to PETER-SERVICE valuable metadata, including phone and message records, device identifiers (IMEI, MAC addresses), network identifiers (IP addresses), cell tower information and much more. This enriched and aggregated metadata is of course of interest to Russian authorities, whose access became a core component of the system architecture.

One of Wikileaks’ media partners for the release, the Italian newspaper La Repubblica reports that the documents cover “an extended timespan from 2007 to June 2015”, and describes the contents as “extremely technical”. It also caveats that the documents do not mention Russia’s spy agency, the FSB, but rather “speak only of state agencies”, a formula it asserts “certainly includes law enforcement, who use metadata for legal interception”. It also says the documents do “not clarify what other state apparatus accesses those data through the solution of the St. Petersburg company”.

Wikileaks says that under Russia law operators must maintain a Data Retention System (DRS), which can store data for up to three years. La Repubblica reports that Peter-Service’s DRS stores telephone traffic data and “allows Russian state agencies to query the database of all stored data in search of information” — which it specifies can include calls made by a certain telephone company’s customer; payment systems used; the cell phone number to which a user is calling.

“The manuals published by WikiLeaks contain the images of interfaces that allow you to search within these huge data fields, so access is simple and intuitive,” it adds.

Some technical details:

  • According to Wikileaks, Peter-Service’s DRS solution can handle 500,000,000 connections per day in one cluster. While the claimed average search time for subscriber related-records from a single day is ten seconds. “State intelligence authorities use the Protocol 538 adapter built into the DRS to access stored information,” it adds.
  • Peter-Service has also apparently developed a tool called TDM (Traffic Data Mart) — which allows the database to be queried to determine “where users’ data traffic is stored in order to understand visited sites, forums, social media”, as well as how much time is spent on a certain site and the electronic device used to access it.
  • Wikileaks describes TDM as “a system that records and monitors IP traffic for all mobile devices registered with the operator”,  and says it maintains a list of categorized domain names — “which cover all areas of interest for the state. These categories include blacklisted sites, criminal sites, blogs, webmail, weapons, botnet, narcotics, betting, aggression, racism, terrorism and many more”.
  • “Based on the collected information the system allows the creation of reports for subscriber devices (identified by IMEI/TAC, brand, model) for a specified time range: Top categories by volume, top sites by volume, top sites by time spent, protocol usage (browsing, mail, telephony, bittorrent) and traffic/time distribution,” it adds.

Wikileaks points to a 2013 Peter-Service slideshow presentation (it says this also appears to be publicly available on the company’s website), which it claims is targeted not at telco customers but at state entities such as Russia’s FSB and Interior Ministry (despite this document apparently being in the public domain) — in which the company focuses on a new product, called DPI*GRID; which it says is a hardware device for Deep Packet Inspection that takes the form of “black boxes” apparently able to handle 10Gb/s traffic per unit.

Wikileaks adds that “the national providers are aggregating Internet traffic in their infrastructure and are redirecting/duplicating the full stream to DPI*GRID units. The units inspect and analyse traffic (the presentation does not describe that process in much detail); the resulting metadata and extracted information are collected in a database for further investigation. A similar, yet smaller solution called MDH/DRS is available for regional providers who send aggregated IP traffic via a 10Gb/s connection to MDH for processing.”

Wikileaks also makes a point of noting that the presentation was written “just a few months after Edward Snowden disclosed the NSA mass surveillance program and its cooperation with private U.S. IT-corporations such as Google and Facebook”.

“Drawing specifically on the NSA Prism program, the presentation offers law enforcement, intelligence and other interested parties, to join an alliance in order to establish equivalent data-mining operations in Russia,” it adds — sticking its boot firmly back into U.S. government mass surveillance programs.

The full release can be found here.

Comments

DisorderlyConduct CH1 Tue, 09/19/2017 - 12:18 Permalink

I never got the idea that Wikileaks was about saints and sinners but about hypocrisy. The US govt pretends to be based upon law, and yet it ignores law at its whim. Hence the leaks to expose US hypocrisy.To the extent that Wikileaks exposes hypocrisy they are an asset to all people and an enemy of all govt that would ignore the rule of law. To the extent that they are just an outlet for secrets, they are arguably an enemy to all. Do these latest docs on Russia expose hypocrisy or simply secrets? I see the US as being hypocritical with Prism, but did Russia ever say they wouldn't do what they did? Is it against their core values?I think people who hate Wikileaks like John McCain don't see their own inherent hypocrisy as a problem. They think all secrets are equal. Such is the thought process of the psychopath.

In reply to by CH1

Chupacabra-322 DisorderlyConduct Tue, 09/19/2017 - 16:03 Permalink

"Manafort has been under an ongoing wiretap, approved by the FISA courts, going back to 2014 and tied to his consulting arrangements with Ukraine's former ruling."

Ha! That's nothing.

The entire US populace has been under metadata surveillance since that little pesky AT&T room 641A & since October 2001. Right after the False Flag of 911.

#Vault7
#UMBRAGE

According to the Times piece, the siphoning of internet data from AT&T began in 2003 and continued for a decade in a relationship that the NSA called “highly collaborative.” The telecom giant, according to one Snowden document, was extremely willing to help out the spy agency, and its engineers “were the first to try out new surveillance technologies invented by the eavesdropping agency.”
According to the Times, AT&T began turning over emails and other internet data to the spy agency around October 2001, even before the secret rooms were built, in a program dubbed “Fairview.” The program forwarded 400 billion Internet metadata records to the NSA’s headquarters at Ft. Meade in Maryland—which included the senders and recipients of emails and other details, but not the content of the correspondence. AT&T also forwarded more than one million emails a day to be run through the NSA’s keyword selection system. In September 2003, AT&T apparently enabled a new collection capability for the spy agency, which amounted to a “‘live’ presence on the global net.” The Times doesn’t elaborate on what this involved.

https://www.wired.com/2015/08/know-nsa-atts-spying-pact/

The Illegal, Criminal surveillance continues to this day with Impunity especially after the Criminal Centralized Telecommunications Companies were given retroactive immunity by a Criminal, Tyrannical Lawless Supreme Court.

It's the exact reason why the absolute, complete, open in your Face

Tyrannical Lawlessness

continues to this day.

But in the US, large and powerful actors must not be and are not subject to the rule of law. So telecoms hired former government officials from both parties to lobby for them and poured money into the coffers of key Democratic Senators such as Intelligence Committee Chairman Jay Rockefeller (who became the chief advocate of telecom immunity).

In 2008, the industry obtained an extraordinary act of Congress that gave them the gift of retroactive immunity from all criminal and civil liability for their participation in the illegal eavesdropping programs aimed at Americans on US soil. The immunity was enacted by an overwhelming bipartisan vote, with the support of leading Democrats including Barack Obama, who had promised - when seeking his party's nomination - to filibuster any bill that contained retroactive telecom immunity.

https://www.theguardian.com/commentisfree/2012/oct/10/supreme-court-tel…

In reply to by DisorderlyConduct

Consuelo Tue, 09/19/2017 - 11:05 Permalink

  In the end, all you can trust are your basic instincts/intuitions.    We're near a point where there is almost nothing or anyone you can believe to give a straight answer or the facts as they are.

nevertheless Consuelo Tue, 09/19/2017 - 11:28 Permalink

EXACTLY The greater the appearance of "impartiality, the more likely they are controlled.  Obama was sold as the Peace President", he was anything but.Trump is sold as a man who would focus on America, he has not, and will most likely grant amnesty... If they allow us to hear it, and use it in their narratives, it is a lie. 

In reply to by Consuelo