Thousands of Russian video-surveillance systems used by Ukrainian cities, infrastructure, private companies, and ordinary homes can relay footage to Moscow-based servers owned by big Russian companies that service the Russian government and military, Schemes, the investigative unit of RFE/RL’s Ukrainian Service, has learned.
The State Service of Special Communications and Information Protection told Schemes it had warned the government that TRASSIR video-surveillance systems, which are sold by the Moscow-based firm DSSL, pose a security threat.
Technical experts, including a TRASSIR specialist, and one former senior Security Service of Ukraine (SBU) officer echoed that assessment.
“If this camera was located on some critical infrastructure facility, there may be a question about what the employees on the other side and the owners of that server see, and how they use that information for military purposes,” said Serhiy Denysenko, executive director of the Ukrainian information-security company CyberLab’s Digital Forensics Laboratory. By “the other side,” he meant Russia.
Russia launched its full-scale invasion of Ukraine in February 2022. To date, the Ukrainian government has issued no public warning against using the TRASSIR video-surveillance systems. However, after Schemes published a report on the results of its investigation, on December 7, Internal Affairs Minister Ihor Klymenko vowed that state authorities would conduct a “thorough check” of the journalists’ findings.
"Of course, it is unacceptable when any camera, even hypothetically, can be connected and transmit information, especially during wartime, to any [foreign] country," Klymenko said on national television the following day.
The shuttered Chernobyl nuclear power plant, which was occupied by Russian forces for over a month at the start of the invasion, is among the sensitive government-run sites that have used TRASSIR video-surveillance systems, according to the import-export database ImportGenius and a letter from a Chernobyl representative to DSSL. Others include the Ukrainian Sea Ports Authority and the Maritime Search and Rescue Service in the Black Sea port city of Odesa, according to the public procurement database Prozorro.
Purchases were made both before and after Russia occupied the Black Sea peninsula of Crimea and fomented war in the eastern Donbas region in 2014.
The strategically important southern city of Kherson, which Russian forces occupied for months in 2022 before retreating that November, and which they continue to bombard frequently, bought TRASSIR for video surveillance of public spaces, the database shows. Other purchasers include the industrial cities of Nikopol, Poltava, and Slavutych, all of which have faced Russian attacks.
Schemes found no evidence that the Russian military or security services are using TRASSIR-system footage to target these specific locations. Less than a week into the full-scale invasion, Kyiv blocked access to the Russia-based Internet servers that TRASSIR uses. Most of the Ukrainian companies or facilities that have used TRASSIR and responded to questions from Schemes said that they used the Russian software in a closed local network, to reduce the risk of data leakage, or that they had stopped using it.
Yet Schemes and digital-security experts determined that the TRASSIR systems still can access these servers via virtual private networks (VPNs), which conceal a user’s location and are widely used in Ukraine.
The Kremlin’s Camera Connection
TRASSIR, owned by DSSL, is an established brand name for camera surveillance in Russia: The broadcast hub for Russian national TV channels, Moscow’s Ostankino Tower, the Tomsk region’s government headquarters, and a St. Petersburg bridge all use the TRASSIR CCTV system, according to the DSSL website. Altogether, the company claims 150 partners in Belarus, Bulgaria, Kazakhstan, Kyrgyzstan, Moldova, Romania, and Russia.
The system, which TRASSIR claims can be used at sites ranging from “a small store to an airport,” mostly uses cameras from the Chinese company Hikvision, but the software that transmits the cameras’ footage is TRASSIR’s own.
The import-export database ImportGenius shows that Ukrainian companies imported over 10,000 cameras and video recorders from the TRASSIR surveillance system from 2016 until Kyiv ended all Russian imports in February 2022. Those numbers do not take possible illegal imports into account.
Digital security activists told Schemes that cameras equipped with the TRASSIR software can transmit video to Russian servers. Separately, a 2019 promotional article said that a number of government-run facilities and private companies were among the Ukrainian entities using TRASSIR’s camera systems.
To confirm the activists’ findings, Schemes collaborated with the Digital Forensics Laboratory and the Digital Security Laboratory, a Kyiv-based nonprofit, to test the TRASSIR video-surveillance system. Schemes bought one of the cameras online; the activists, who requested anonymity, provided several cameras from the TRASSIR surveillance system and a video recorder.
Using a VPN to skirt Ukraine’s block on Russian servers, Digital Security Laboratory specialist Natalia Onishchenko determined that, aside from other destinations, such as Google in the United States, the camera sends data-transfer requests to a Russia-based subdomain of TRASSIR’s website,, m30.ru.cloudtrassir.com.
A domain-name tracer revealed that this subdomain‘s Internet Protocol (IP) address, the string of numbers that identifies it online, belongs to a Moscow company called Digital Network.
Digital Network is an Internet service provider (ISP) that is part of a large Russian corporation and is known by the brand name msm.ru. Its clients include the Internet company Yandex, whose products include Russia’s dominant search engine, and the Russian Defense Ministry’s TV channel, Zvezda.
Records from Russia’s portal for government contracts, EIS Zakupki, show that Digital Network provided Internet access to “military unit 43753,” otherwise known as the Center for Information Protection and Special Communication, between 2015 and 2017. The Center, part of the Federal Security Service (FSB), Russia’s main intelligence agency, monitors and evaluates software and assists the FSB with decryption.
The TRASSIR system’s software also sent a data request to a server that belongs to the massive private Russian IT company VK, another of the Kremlin’s corporate comrades, which, according to one German researcher, is “state-controlled and pursues ideological and intelligence goals” for the Kremlin. VK founded the popular social-media networks VK and Odnoklassniki, and owns the widely used email system Mail.ru.
Under Russia’s 2019 Sovereign Internet Law, Russian IT companies are obliged to install equipment that allows the federal communications agency Roskomnadzor to monitor their Internet traffic. An earlier regulation, part of the so-called Yarovaya amendments, stipulates that IT companies preserve data, including video footage, for six months and turn it over to Russian state structures upon demand.
Such legislation means that “access to all resources stored in Russia is possible for the special services and law enforcement agencies even without court decisions,” said Ukrainian counterintelligence specialist Viktor Yahun, a reserve SBU major general who formerly worked on counterintelligence operations against the FSB.
"Everything related to information, the Internet, communication -- all this is united in this center,” he said.
A Blocked Purchase
Yury Shyhol, a former director of Ukraine’s State Service of Special Communications and Information Protection, which oversees cybersecurity, told Schemes in a written response that the agency had warned “security and defense sector ministries” in May 2022, some three months into Russia’s full-scale invasion, that DSSL and TRASSIR cooperate with Russian security ministries and services.
Shyhol did not elaborate about the Ukrainian ministries’ response, but Schemes could find no indication that the government has issued a public warning about the TRASSIR video-surveillance systems or attempted to stop their sale within Ukraine.
In response to Schemes’ query about TRASSIR, the SBU said that it could not discuss counterintelligence activities. It mentioned a 2020 case, however, in which it blocked the 8-million-hryvnya ($280,000) purchase of TRASSIR video-surveillance systems by the administration of the Lviv region in western Ukraine.
The systems could be used to “obtain information about the movement of military equipment by rail transportation and public highways,” the SBU said in a publication explaining the decision to block the purchase.
A 'Dangerous' Technology
A technician at one of the former main Ukrainian vendors of the TRASSIR system, TRASSIR EU, conceded that the fact that the cameras’ data travels first to Russian servers is “dangerous.”
“But that’s the way the technology is,” said TRASSIR EU technical specialist Vitaliy Fedorenko. “The whole world works like this.”
The systems can be redirected to send their data to Ukrainian servers, but it is “unrealistic” for owners to do that for each of the “hundreds of thousands” of TRASSIR cameras in Ukraine, Fedorenko said.
Most reported TRASSIR clients who responded to Schemes’ questions stressed that they use or have used the system within a local network inaccessible to outside entities.
The acting general director of the Chernobyl plant, Serhiy Martinov, said that it had stopped using TRASSIR in 2023. A letter from the plant on the DSSL site states Chernobyl had used it since 2011.
In the east-central city of Poltava, where TRASSIR is used as part of a municipal safety program, First Deputy Mayor Valeriy Parkhomenko said he had “had no official appeals or warnings that this system has any risks.”
The head of the city’s Housing and Communal Services Department’s emergency response team, Mykola Yosipenko, conceded, though, that he could not be “100-percent sure” that the camera’s data-transfers are entirely safe.
An engineer from the company that installed TRASSIR for Poltava, Yavir-2000, advised against using the system, saying that it can be hacked and that Russia could use it for monitoring. The engineer, who did not know he was speaking to a journalist, suggested that it would make sense to use the system “if you need to be monitored from Russia.”
Plans For The Future
TRASSIR EU’s founder, Oleh Kiyashko, a native of Ukraine who has Ukrainian and Russian citizenship and is listed on one business registry site as a co-owner of a sales-focused DSSL affiliate called DSSL-Pyervy (DSSL-First), could not be reached for comment about the surveillance systems’ software.
TRASSIR EU Director Larysa Osadcha claims that the company ended its contract and contacts with DSSL in April 2023.
Ukraine’s patent registry shows, however, that the firm still holds the copyright to the TRASSIR software in Ukraine.
Osadcha said that the company is now working with new software for video-surveillance systems called AZIGUARD -- this time from Romania, which is a member of NATO and the European Union. However, the website of AziTrend, the company that owns AZIGUARD, still contains numerous references to TRASSIR software, which, according to the advertisement, is part of the system from the Romanian manufacturer.
Later, after Schemes made inquiries and reported on TRASSIR, references to this Russian software began to disappear from the AziTrend website, but some of them have not been removed.
