Ocnus.Net
News Before It's News
About us | Ocnus? |

Front Page 
 
 Africa
 
 Analyses
 
 Business
 
 Dark Side
 
 Defence & Arms
 
 Dysfunctions
 
 Editorial
 
 International
 
 Labour
 
 Light Side
 
 Research
Search

Dysfunctions Last Updated: Jul 24, 2017 - 9:57:36 AM

Worst known governmental leak ever is slowly coming to light: Agency moved nation's secret data to 'The Cloud'
By Rick Falkvinge, Private Access 20/7/17
Jul 23, 2017 - 9:49:33 AM

 		Email this article
 Printer friendly page

Sweden�s Transport Agency moved all of its data to �the cloud�, apparently unaware that there is no cloud, only somebody else�s computer. In doing so, it exposed and leaked every conceivable top secret database: fighter pilots, SEAL team operators, police suspects, people under witness relocation. Names, photos, and home addresses: the list is just getting started. The responsible director has been found guilty in criminal court of the whole affair, and sentenced to the harshest sentence ever seen in Swedish government: she was docked half a month�s paycheck.

Many governments have had partial leaks in terms of method (Snowden) or relations (Manning) lately, but this is the first time I�m aware that the full treasure chest of every single top-secret governmental individual with photo, name, and home address has leaked. It goes to show, again, that governments can�t even keep their most secret data under wraps � so any governmental assurances to keep your data safe have as much value as a truckload of dead rats in a tampon factory.

It started out with a very speedy trial where a Director General in Sweden was fined half a month�s pay. Given how much the establishment has got each other�s backs, this sentence was roughly equivalent to life in prison for a common person on the street, meaning they must have done something really awful to get not just a guilty verdict, but actually be fined half a month�s salary.

On digging, it turns out the Swedish Transport Agency moved all its data to �the cloud�, as managed by IBM, two years ago. Something was found amiss when the Director General of the Transport Agency, Maria �gren, was quickly retired from her position this January � but it was only on July 6 that it became known that she was found guilty of exposing classified information in a criminal court of law. The scandal quickly escalated from there.

There�s an enormous amount of data in Swedish about the overall leak scandal, but among all that data, one piece bears mentioning just to highlight the generally sloppy, negligent, and indeed criminal, attitude toward sensitive information:

Last March, the entire register of vehicles was sent to marketers subscribing to it. This is normal in itself, as the vehicle register is public information, and therefore subject to Freedom-of-Information excerpts. What was not normal were two things: first, that people in the witness protection program and similar programs were included in the register distributed outside the Agency, and second, when this fatal mistake was discovered, a new version without the sensitive identities was not distributed with instructions to destroy the old copy. Instead, the sensitive identities were pointed out and named in a second distribution with a request for all subscribers to remove these records themselves. This took place in open cleartext e-mail.

Take this incident and scale it up to everyday behavior at a whole agency with key responsibility for safeguarding national secrets.

At present, these databases are known to have been exposed, by moving them to �The Cloud� as if it were just a random buzzword:

The weight capacity of all roads and bridges (which is crucial for warfare, and says a lot about what roads are intended to be used as wartime airfields);

�

  • Names, photos, and home addresses of fighter pilots in the Air Force;
  • Names, photos, and home addresses of everybody and anybody in a police register, all of which are classified;
  • Names, photos, and home addresses of all operators in the military�s most secret units � equivalent to the SAS or SEAL teams;
  • Names, photos, and home addresses of everybody in a witness relocation program or who has been given protected identity for other reasons;
  • Type, model, weight, and any defects of any and all government and military vehicles, including their operator, which says a ton about the structure of military support units;


the list goes on.

All of this was not just outside the proper agencies, but outside the European Union, in the hands of people who had absolutely no security clearance. All of this data can be expected to have been permanently exposed.

Let�s be clear: if a common mortal had leaked this data through this kind of negligence, the penalty would be life in prison. But not when done by the government themselves. Half a month�s pay was the harshest conceivable sentence.

The leak is still ongoing (!!) and can be expected to be fixed �maybe this fall, perhaps�. Much of the available analysis of the leak is still in the form of fully-redacted documents from the Security Police and similar agencies.

Privacy really really really remains your own responsibility.

Source:Ocnus.net 2017

Top of Page
Dysfunctions
Latest Headlines
Space: Shooting Blanks Over Ukraine
The contradictions holding Germany back
Mafia networks with significant impact on Western Balkans’ governance: EU agency
187 Years Later, Congress Thinks About Seating a Cherokee Delegate
All the Kremlin’s Trolls
The Putin regime’s façade begins to crack
The Przewodów Missile
The Governmental Vacuum in Lebanon
Russian Flight From the Arctic Undercuts Moscow’s Hold on the Far North
Biden’s Team Is Dangerously Messing in Bosnia’s Politics