The FSB monitors Whatsapp – This is how it affects Finns

The Russian authorities have even better tools to monitor the activities of their citizens. Adobe Stock / AOP

After the start of the war in Ukraine, the Russian security authorities have strengthened their ability to monitor the digital communications of their citizens, says The New York Times.

According to a US newspaper, the Russian security service FSB has developed several new digital surveillance methods, which are especially used to monitor internal data traffic.

The information is based on numerous documents obtained by the newspaper from surveillance authorities, as well as interviews conducted with information security experts, technology activists and an anonymous source involved in Russian digital surveillance.

Let’s catch the metadata

The surveillance methods used by the FSB are, for example, the monitoring of the data traffic of encrypted messaging applications such as Whatsapp, Signal and Telegram.

Although these applications use end-to-end encryption, which prevents outsiders from reading messages or phone calls, the Netbeholder tool from a software company called MSI Soft allows authorities to access message metadata.

Metadata tells, among other things, who communicates with whom, when and where the conversation takes place, and whether the user has sent attachments.

Tools like Netbeholder can also collect location data, which can be used to determine who a person is in contact with and where they move. Similarly, the tool can be used to find out if a person uses more than one phone.

In order to obtain such information, governments previously had to request it from the producers of the applications.

The information security experts interviewed by NYT are concerned that Russia now has the ability to develop sophisticated mining tools.

An oligarch in the background

According to NYT, MSI Soft’s second tool offers information about subscribers to the telecommunications network and their network usage. The software developer Protei, on the other hand, offers technology that can be used to convert eavesdropped calls into text and identify “suspicious activity”.

MSI Soft and its parent company Citadel are on the US sanctions list, and Citadel’s former co-owner, oligarch Ališer Usmanov, has close ties to President Vladimir Putin. According to the US State Department, Citadel controls between 60 and 80 percent of the telecommunications surveillance technology market.

According to NYT, attempts have been made to sell Russian-made digging tools to, for example, Eastern Europe, Central Asia, Africa, the Middle East and South America. In addition, Protei products are used, for example, in Iran to monitor internet usage and block access to certain websites.

Expert: No danger

Director of the Finnish Transport and Communications Agency Traficom’s Cybersecurity Center Jukka-Pekka Juutinen there is still no danger in using instant messaging services.

– The question is about metadata, which means that the FSB cannot see the content of the message even in Russia. They just seem to have gained more rights to control their own citizens.

Juutinen says that a third party can only see the content of an encrypted message if the encryption has been successfully decrypted or if malware has been injected into the device using the instant messaging program.

– Or it would require access to the telecom operators’ network. For example, in Finland, where the protection of privacy is extensive, the authority requires a court decision for wiretapping.

Juutinen says that in those countries where privacy protection is weak, there is also more electronic surveillance by the authorities. They are also often the forerunners of urking.

According to him, monitoring tools are usually developed by state-run companies, because a lot of resources are required to go through the data.

So do Finns have reason to worry?

– At least I will continue to use WhatsApp with complete peace of mind.