When the Swedish Tax Authority (Skatteverket) was hacked a few years ago–all attention was focused on the court case that followed against the alleged hacker, Gottfrid Svartholm Warg (a.k.a. anakata).
There was little or no notice taken to the fact that the IT system in question was poorly protected.
During the entire process, Skatteverket as well as its system contractor Logica tried to keep that aspect of the case under the radar.
But finally someone has picked up on this. Today the Swedish Pirate Party former member of European Parliament Amelia Andersdotter has submitted a complaint to the Swedish Data Protection Agency (Datainspektionen).
The point of the complaint is that Skatteverket doesn’t care enough about security in IT system procurement.
This will be interesting to follow, as EU public procurement rules in many cases don’t really give that much room for other considerations than price.
(In addition to traditional IT security issues, it might also be a good idea to look into contractors relations with other countries intelligence and surveillance networks–so that they won’t provide backdoors for NSA, GCHQ or others.)
Amelias blog post (in Swedish) »
/ HAX
No comments yet.