Ortega Using Russian SORM Tool for Surveillance in Nicaragua


SORM technology allows the monitoring of credit cards, e-mail, phone calls, text messages and social media.

By Confidencial

HAVANA TIMES – Since 2018, the regime of Daniel Ortega has been using a Russian technological tool called “System for Operative Investigative Activities” (SORM for its Russian initials) to conduct surveillance in Nicaragua. According to a report from US investigators Douglas Farah and Marianne Richardson, access to that technology has been part of the operations of a network of groups and people with “deep ties” to Russian intelligence and the KGB secret police from the former Soviet Union, “specializing in cryptology and cybernetic activity.”

The report, entitled “Dangerous Alliances, Russia’s Strategic Inroads in Latin America,” details how “this hub makes available multiple advanced Russian state surveillance systems, which are now used by authoritarian regimes in Nicaragua and Venezuela.”

“This Russian technology is responsible for increasing the repressive capacity of the most authoritarian, most anti-US and least transparent regimes,” indicates the report, published last December by the Institute for National Strategic Studies of the US National Defense University.

The SORM platform is used by Russia and other former Soviet nations “for telephone and internet surveillance; it allows the operators to monitor credit card transactions, e-mail, telephone calls, text messages, social networks, Wi-Fi networks and forum posts,” according to information from the US government that Farah provided to Confidencial.

A joint investigation by the organizations Agentura, CitizenLab, and Privacy International indicates that “the tactical and technical bases of SORM were developed by a KGB research institute in the mid-eighties.”

“SORM was initially installed on analog telephone lines. As newer technologies were developed, SORM did so as well,” emphasizes the investigation published on the Wired digital site.

“SORM has been brought up to date. It’s ingesting new types of data. It’s being utilized as Moscow’s main tool for spying on the country’s political demonstrators,” the article explains.

A report in the Argentine site Infobae reveals that Russian legislation “allows the Kremlin to obligate the national internet service providers to purchase and install the ‘pathfinders’ used by the SORM system, which in turn allows the Russian Federal Security Service (FSB) to monitor internet traffic, including all on-line communications.”

SORM-3, the version used by the Nicaraguan dictatorship

According to the US government, the SORM system was first established in Russia in 1996 and is licensed by the FSB, the Russian intelligence agency.

An article from the international NGO Access Now notes: “three versions of the system are in use, allowing different levels of surveillance.” “SORM-1 monitors telephone traffic; SORM-2 online traffic; while SORM-3 can supposedly monitor all forms of communication and store up to three years of data,” details the organization dedicated to defending an open and free internet.

The stored intercepted information lets Russia create an “internet portrait” of the citizens they’re keeping watch on.

According to an interview with Douglas Farah on the internet television news program Esta Semana, the Ortega-Murillo regime is using the SORM-3 version. “We know that Russia has provided intelligence equipment from a system called Protei, which is among the most advanced. It can go through text, telephone calls, WhatsApp, superspy, and Daniel Ortega has acquired that equipment.”

However, the analyses of SORM carried out by organizations and journalistic investigations don’t indicate that the system has the capacity to penetrate instant messaging applications with end-to-end encryption, such as WhatsApp and Signal.

End-to-end encryption allows data exchanged between users – messages, audio, photos, videos or other files – to remain unseen by third parties. However, WhatsApp’s encryption doesn’t protect certain information, such as profile photos, dates, names of groups and descriptions of them.

System produced by the Protei company

“[The system] is a super-efficient one that’s managed by Russia’s Interior Ministry. They’re the owners of the company [Protei],” commented Farah, who covered Latin America for the Washington Post during the nineties and now serves as president of IBI Consultant.

The surveillance software is produced by the Protei Special Technologies Company, a subsidiary of NTC Protei, “a cybersecurity firm that has contracts with Russian military and intelligence agencies for cybersecurity and surveillance services,” according to the US.

Protei’s website describes the company as “a provider leader in telecommunications solutions for a broad variety of products that include central networks, roaming, messaging, added value and customer services.”

The company operates in Europe, Central Asia, Russia, the Middle East, Africa and, in Latin America, in Mexico, Colombia and Venezuela.

Confidencial sent an interview request and a request for further information to the e-mail address that Protei posts on its website. As of press time for this article, there was no response.

Training for the National Police

According to the report by Farah and Richardson – who dedicated an entire chapter of their report to the Russian connection to the Ortega-Murillo regime and the repression in Nicaragua – when the civic protests against the dictatorship exploded in April 2018, Russian colonel Oleg Surov, director of the Russia-run Center for Police Training in Managua, was ordered to train a select group of Nicaraguan police through classes titled “Modern Means and Methods to Combat Extremism and Terrorism.”

The Russian colonel provided techniques for “digital and technological surveillance” that the report says improved the Nicaraguan regime’s capacity to “repress and control civil society.”

As part of the follow-up to that initial training, three years later, 20 Nicaraguan police officials also attended another course on “the fight against computer information crime” given by the Russian Ministry of Internal Affairs. The course was especially focused on surveillance techniques.

“Since then, Ortega’s primary enforcer and national security advisor, Nestor Moncada Lau, who was sanctioned by the US government for violently suppressing the protests in 2018, established a new permanent structure within the Nicaraguan National Police to carry out intelligence and surveillance activities with Russian advisers,” reveals the report authored by Farah and Richardson.

That center of surveillance is located on the second floor of Nicaragua’s Telcor building (Institute for Telecommunications and Postal Services), whose general director is Nahima Diaz Flores, daughter of the Nicaraguan head of police Francisco Diaz, who in turn is related through marriage to Daniel Ortega.

The regime’s surveillance techniques

The SORM system joins other surveillance methods used by the regime, as revealed by a report in Confidencial. Last October, the media outlet published a report on the existence of 39 “fake antennas” in Nicaragua, used for electronic spying. These antennas allow the capture of users’ private information.

The publication, based on an analysis by the South Lighthouse organization, which is dedicated to researching and developing technologies in the service of human rights, and on its study “Fake Antenna Detection Project,” detailed the sites where these “fake antennas” or IMSI-catcher devices operate. Among the most notable sites are the Hugo Chavez roundabout in Managua and Nicaragua’s international airport.

The IMSI-catcher devices act as “fake antennas” that intercept technological signals and capture the traffic from mobile devices. This includes conventional phone calls, the destination or origin of these calls, text messages, SIM card codes, the location of the telephone, and in some cases direct overhearing of telephone conversations.

In October 2018, Confidencial published an article stating that the Ortega dictatorship purchased spyware and intelligence collection programs from private Israeli technology companies. “These programs could seize all smartphone activity, such as the user’s location, sites they visited and personal contacts. In addition, these technological tools can convert the phone into a secret recording device.”

According to an investigation from the Israeli daily Haaretz, these programs have been used in different countries, including Nicaragua, to “localize and detain human rights activists, pursue members of the LGBTQI community, and silence citizens who criticize their government.”

In 2017, the Citizen’s Lab Institute from the University of Toronto, Canada, included Nicaragua among the Latin American countries that spy on their citizens.
