U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Crypto

New powers for the Russian surveillance system SORM-2

The Russian Prime Minister Dmitry Medvedev has signed a decree that will extend the use of SORM-2 to social network surveillance. It’s known that the Russian Government is applying a strict surveillance on the Internet within the country, the Kremlin has developed a system code named “SORM-2” to monitor Russian citizens. The Russian Government has […]

New powers for the Russian surveillance system SORM-2

The Russian Prime Minister Dmitry Medvedev has signed a decree that will extend the use of SORM-2 to social network surveillance.

It’s known that the Russian Government is applying a strict surveillance on the Internet within the country, the Kremlin has developed a system code named “SORM-2” to monitor Russian citizens.

The Russian Government has obliged national ISPs to purchase and install the probes used by SORM-2 system that allows the Federal Security Service (FSB) to monitor Internet traffic including online communications.

SORM-2 is a mass surveillance system that allows the Government of Moscow to track online activities of single individuals thanks to the support of Russian ISP.

sorm-2

Last week, Russian Prime Minister Dmitry Medvedev signed a decree (N743) that will extend the use of SORM-2 to the monitoring of social media platforms, including social network websites and any other services that allows to establish a communication between two users (e.g. chat, forums).

The new decree obliges companies like Facebook and Google to install SORM-2 probes that will allow the FSB to monitor Internet users. Russian companies are apparently surprised by the decree.

“Once again, it’s unclear what we’re supposed to do, what the actual requirements are, and how much all this will cost,” said Anton Malginov, legal head of the Mail.ru, which owns the popular Russian social network Odnoklassniki.ru.

A Yandex representative declared the company received no advanced notice of the change.

The technical details of the improvements announced by Medvedev are not available and probably it will impossible to know them because the order prohibits websites from disclosing information on government’s surveillance.

The decree is aligned with the controversial control operated by the Russian Government on blogs, let’s remember that the authorities have created an official registry for bloggers than imposed to the writers media-focused regulations.

Practically the Government is applying a strict control on the content published by bloggers menacing repercussions in case it doesn’t meet Moscow’s regulations.

Personally, I believe that SORM-2 was already installed at least by Russian social media, the decree will extend its capabilities to foreign companies that intend to operate in the country. Anyway don’t forget that the Russian Government could access to the traffic routed by national ISPs.

After the August 1th, the “Law on Bloggers” obliges social networks to maintain data for six months and the company has to pay for additional storage costs.

For sure SORM-s surveillance doesn’t threaten Internet users, but represents a serious menace for bloggers that write on sociopolitical issues, and for users that actively promote discussion on social networks on the same topics.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – SORM, surveillance)

[adrotate banner=”5″]

[adrotate banner=”13″]