What is the issue?
An unprotected backup drive that contains 1.7 terabytes of data has exposed the installation details of SORM hardware by Nokia in coordination with Mobile TeleSystems (MTS).
What is SORM?
The System for Operative Investigative Activities, also known as SORM, is a surveillance system by which telecommunications can be intercepted and inspected by Russia’s FSB and other law enforcement agencies.
What was exposed?
The unprotected drive includes data from at least 64 Russian telecommunications providers; however, the primary entities impacted by the data leak are Nokia and Mobile TeleSystems.
The numbers that matter
What’s the conclusion?
UpGuard researchers who uncovered the data leak contacted Nokia on September 9, 2019, and notified them about the exposure, but received no response.
Later, on September 11, 2019, UpGuard reached out to a U.S. government regulator in order to secure the exposed files. Following that, Nokia's Head of Information Security in Finland called UpGuard and provided the IP address of the exposed rsync server. The exposed server was then secured and the files were no longer publicly accessible.
“Even as data exposures are endemic to digital business, this case stands out for its potential nation-level consequences. In particular, it highlights the concerns that arise when data exposures intersect with federal systems: whenever power is centralized in software, the inevitable exposure of that information gives whatever power the owner had to unknown third parties,” UpGuard researchers said in a blog.