Cyber Crime
Russian SORM Surveillance Technology is Capable of Intercepting Any Communication; Government Procurement Underway
A growing number of governments in Central Asia and Latin America have adopted the System for Operative Investigative Activities (SORM), a sophisticated wiretapping technology developed by Russian companies.
This expansion amplifies their surveillance capabilities—and potentially those of Russian intelligence—by enabling the interception of vast amounts of digital communications.
According to threat intelligence firm Recorded Future, nations such as Belarus, Kazakhstan, Kyrgyzstan, Uzbekistan, Cuba, and Nicaragua have likely implemented SORM.
The system involves surveillance equipment installed within telecommunications providers’ facilities, giving intelligence agencies access to sensitive data, including phone numbers, device identifiers, geolocations, email addresses, and IP addresses.
Registrations Open for FutureCrime Summit 2025: India’s Largest Conference on Technology-Driven Crime
A Growing Threat to Privacy
Recorded Future analysts warn that Western companies, travelers, and citizens should be vigilant when engaging with or traveling to nations with weak civil protections against surveillance.
“While no country’s surveillance framework is entirely abuse-proof, systems like SORM, particularly in states with histories of oppressive monitoring, pose significant risks,” a Recorded Future analyst noted.
These risks extend to human rights defenders, journalists, activists, and foreign visitors, who may be targeted without their knowledge.
Global Surveillance on the Rise
Russia’s SORM technology underscores the global proliferation of digital surveillance tools. Like NSO Group’s Pegasus and Intellexa Consortium’s Predator, SORM has become part of a broader trend where authoritarian governments acquire advanced spyware to monitor dissent and silence critics.
The Atlantic Council recently reported that 41% of countries worldwide, including 14 EU nations, have licensed commercial spyware.
While surveillance tools are often justified for combating crime or gathering intelligence, their deployment in states with limited civil liberties often leads to abuse.
“Spyware allows governments to infiltrate even the most secure devices and platforms,” the Atlantic Council analysts stated. “This power is frequently misused to suppress dissent, target activists, and even spy on foreign officials.”
Russia Joins the Spyware Superpowers
The Atlantic Council identified 435 entities linked to spyware, with the majority tied to Israel, Italy, and India. Russia, however, is emerging as a major player.
SORM-compliant technology, mandated by Russian law, is installed and serviced by Russian companies such as Citadel, Norsi-Trans, and Protei.
These firms reportedly export their surveillance products to at least 15 telecommunications providers across multiple countries, potentially granting Russia access to intercepted communications.
[Nominate for ‘Women in Cyber’]
Surveillance as a Growing Industry
Vitor Ventura, a manager at Cisco’s Talos threat intelligence group, highlights the growing demand for surveillance technology.
“The appetite for these tools has increased significantly,” Ventura explained. “Prices have dropped, making them accessible to any government with the resources to invest.”
The spread of SORM mirrors concerns raised by the U.S. regarding Russian cybersecurity firm Kaspersky, whose products were banned in 2024. Recorded Future’s analysts caution that SORM providers pose similar risks, as their technologies grant governments vast intelligence-gathering capabilities.
Mitigating the Risks
Organizations operating in regions with weak privacy protections must adopt robust encryption tools and educate employees about digital safety. However, Recorded Future warns that even VPN providers in these nations may be subject to surveillance laws, potentially exposing user data to government scrutiny.
Russian firms like Protei are actively marketing SORM at trade shows in Africa, the Middle East, and Latin America, signaling that the technology’s reach may soon extend further.
As digital surveillance becomes more accessible and pervasive, the risks to privacy and civil liberties grow. Staying informed and proactive is essential to navigating this evolving threat landscape.
