Russian telecommunications, Oko Tower, Moscow
Telecommunications hardware atop the Oko Tower in Moscow in 2018. Image: Andrey Filippov / Wikimedia Commons / CC BY 2.0

Russia’s vast telecom surveillance system crippled by withdrawal of Western tech, report says

The hardware and software required for the Russian telecommunications sector to maintain the country’s electronic surveillance system, known as the System for Operative Investigative Activities (SORM), are increasingly unavailable, significantly undermining the Russian government’s Orwellian domestic spying system, according to a new report.

Western sanctions and export controls put in place after Russia’s invasion of Ukraine have succeeded at blocking the Russian government from purchasing the technology it needs to prop up its sweeping surveillance of internet traffic and phone calls — a devastating blow since Russia- and China-produced tech isn't sophisticated enough to maintain SORM, the paper from a researcher at Carnegie Endowment for International Peace (CEIP) argues.

SORM dates to 1995 and is an intercept system under which the Russian Federal Security Services (FSB) can obtain telecommunications’ data, including call logs, the content of phone calls, web traffic and emails.

In March 2022 the Finnish company Nokia stopped selling its equipment to Russia, but failed to disclose it had previously outfitted the sprawling SORM system, according to the New York Times.

SORM has been used to monitor supporters of Russian opposition leaders like Aleksei A. Navalny and to intercept phone calls of an enemy of the state who was later killed, the Times reported, noting that the system has also likely been used to repress Russian activists who oppose the Ukraine war.

Russia has intensified its grip on domestic internet service providers (ISPs) in the wake of the invasion, and by summer 2022 the Russian Digital Ministry moved beyond fines and began stripping ISPs of their operating licenses if they were found to be out of compliance, says the paper, written by CEIP senior fellow Gavin Wilde.

The SORM system also has had a profound impact on Russians’ ability to get unbiased information about the Ukraine war.

Russian authorities “began piggybacking on SORM infrastructure to block traffic from, and access to, thousands of Western websites and services,” the paper says. “In practice, the standard for digital communications in Russia — for which SORM is a centerpiece — is now ‘that which cannot be surveilled or censored will not be transmitted.’”

However, the longer the sanctions endure the less effective SORM becomes, Wilde argues.

Tough to upgrade

Tech companies likely make up about 20% of the Western entities that withdrew from Russia in the wake of the war, the paper says, asserting that, among other things, the withdrawal killed the Russian Digital Ministry’s plans for a 5G rollout due to the lack of Western equipment.

“SORM can really only be as good and powerful as the [Russian] telecommunications providers can be and right now the telecommunications providers are in pretty dire straits,” Wilde said in an interview with Recorded Future News. “That is because of the war and the inability to get Western technology into the country.”

Wilde said that while equipment from Nokia and Ericsson is already in place, it can’t be serviced and updated, making it increasingly ineffective. While Nokia and Ericsson have said they will no longer install their equipment in Russia, Wilde said it is possible they could license their products to Russia to be manufactured in house.

“I'm giving them the benefit of the doubt,” Wilde said of that possibility. “Now that particularly Finland is in NATO and Sweden is likely to join, I wonder how much these companies are willing to say, ‘Look, we will have absolutely nothing to do in any way, shape or form with the Russian telecommunications sector.’”

Nokia and Ericsson together had serviced nearly half of the total cellular base stations in Russia, Wilde said.

“If they turn off that spigot so now you can't get serviced and you can't update it, if you're the Russian telecommunications sector you're on a shot clock as far as when it breaks and when it gets outdated, much less updating to 5G,” Wilde said. “SORM is now beset by a potentially crippling web of dependencies.”

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
What is Threat Intelligence
No previous article
No new articles
Suzanne Smalley

Suzanne Smalley

is a reporter covering privacy, disinformation and cybersecurity policy for The Record. She was previously a cybersecurity reporter at CyberScoop and Reuters. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek. She lives in Washington with her husband and three children.