Red Ice News

The Future is the Past

The Biggest Data Leak in Swedish History was also the Most Avoidable
New to Red Ice? Start Here!

The Biggest Data Leak in Swedish History was also the Most Avoidable

Source: thenextweb.com

It’s been described as “the biggest leak in Swedish history”, and it’s easy to see why.

Looking to cut costs, in 2015, the Swedish Transport Agency (STA) outsourced the management of its database and IT infrastructure to two companies — IBM in the Czech Republic, and NCR in Serbia.

Given the sensitivity of the data, it should have only really been accessed by authorized personnel. But the STA was eager to deploy the system, ostensibly to save money on labor costs, and it bypassed vital security checks that would have otherwise prevented Czech and Serbian techies from working on the system.

Per Infosecurity Magazine, the database contained:

vehicle registration data from every Swedish citizen, data on all government/military vehicles, the weight capacity of all roads and bridges, names, photos and home addresses of Air Force pilots, police suspects, elite SAS-style operatives and anyone in a witness protection scheme.

There are also concerns that the European Union’s secure STESTA network, which was connected to the Swedish government intranet, was also compromised.

Serbia has pivoted closer to Russia in recent years, and there is a concern that information from this database will be obtained by Russian intelligence. According to Swedish Pirate Party founder Rick Falkvinge:

While it can’t be proven in this specific case that high-value military information in Serbia’s hands also comes into Russia’s hands, it’s one of those things that should just be assumed in the general case.

The idea that Sweden — a member of the European Union, and a prospective NATO member — could be so careless with such sensitive information, is deeply troubling.

The Swedish-equivalent of the DMV didn’t just dox its citizens, but also released strategically-crucial defense information, as well as potentially compromised the security of the EU secure intranet.

But that’s only part of the story. Sweden’s impotent response deserves serious scrutiny.

Documents published show the Swedish government — particularly the Interior Minister and the Infrastructure Minister — knew about the insecure handling of the data as early as 18 months ago. As pointed out by Falkvinge, “they said and did nothing.” (Emphasis his)

The civil servant responsible for this spectacular (and catastrophic) screwup admitted “criminal negligence in handling classified information,” and punished with a fine equivalent to half a month’s salary.

Given the very public outcry, both within Sweden and outside, I would certainly hope they’re scrambling to fix this calamity, which the country’s prime minister has described as “a disaster.”

At the very least, I’d hope they’ve learned a lesson about the nature of the cloud, and why going cheap isn’t always a good idea when it comes to critical technological infrastructure.

The unfortunate reality is that if the Swedish Transport Agency wasn’t so driven by a desire to cut costs, or at least was more discerning with where it offshored its data, it wouldn’t have found itself in this position.

 

 

 

 

Comments

We're Hiring

We are looking for a professional video editor, animator and graphics expert that can join us full time to work on our video productions.

Apply

Help Out

Sign up for a membership to support Red Ice. If you want to help advance our efforts further, please:

Donate

Tips

Send us a news tip or a
Guest suggestion

Send Tip

Related News

“By Calling this General Election, Theresa May has Committed the Biggest act of self-Sabotage in British Political History”
“By Calling this General Election, Theresa May has Committed the Biggest act of self-Sabotage in British Political History”
Swedish prosecutors drop investigation into WikiLeaks founder Julian Assange and will revoke arrest warrant
Swedish prosecutors drop investigation into WikiLeaks founder Julian Assange and will revoke arrest warrant

Archives Pick

Red Ice T-Shirts

Red Ice Radio

3Fourteen

How Right Wing Is Japan Today?
Yoko Mada - How Right Wing Is Japan Today?
European Cooking & Philosophy
Elisabeth - European Cooking & Philosophy

TV

How Cult Leader Charles Manson Was Made
Jay Dyer - How Cult Leader Charles Manson Was Made
What’s Really Happening in Saudi Arabia?
Patrick Le Brun - What’s Really Happening in Saudi Arabia?

RSSYoutubeGoogle+iTunesSoundCloudStitcherTuneIn

Design by Henrik Palmgren © Red Ice Privacy Policy