Swedish Mega-leak

Discussion in 'Current Affairs, News and Analysis' started by robotnik, Aug 3, 2017.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. Almost impossible to believe, but it seems the Swedish government's Transport Agency moved a load of data to The Cloud, not realising that this was, er, a tad insecure.

    The data included personal details of special forces and police witnesses, plus detailed descriptions and specs of military vehicles, and an indication of roads earmarked as suitable for landing aircraft.

    More here: https://www.linkedin.com/pulse/sweden-trouble-jean-labrique

    Favourite bit - the same agency sold Sweden's entire register of vehicles and owners, and then realised that the list included people in the witness protection program, so sent out an email listing their new identities and asking everyone who bought the original list to kindly delete the sensitive names!

    Whodunnit? The boss of the Transport Agency, Maria Agren, was prosecuted and convicted of disclosing classified material. She was sentenced to the loss of half a months' pay.....
    • Informative Informative x 11
    • Like Like x 1
  2. AlienFTM

    AlienFTM LE Book Reviewer

    Pay peanuts.

    Had she followed the old adage, "Nobody ever got sacked for buying IBM," and bought the right kind of cloud space, she'd have been fine.

    Probably bought cloud space in a shed.
  3. Cold_Collation

    Cold_Collation LE Book Reviewer

    And there's the big problem: had she worked for a commercial company, she'd never find employment again.
  4. Wasn't someone asking about the legality of Industrial Espionage recently? I'm hoping it's just coincidental timing.

    • Funny Funny x 3
    • Like Like x 1
  5. Almost as good as HMG regularly losing stuff.
    • Disagree Disagree x 1
  6. Er...

    Or have I just been wah'd?
  7. AlienFTM

    AlienFTM LE Book Reviewer

    Well I missed that!

    I told them it was all sh¡t and they were throwing out what separates them from the field before I left.

    And my former colleagues wonder why they're running at a loss?

    Last one out, shut the door.
  8. The company I work for has decided the cloud is a really, really good idea and is going to move all our sensitive data there. Brought in a wiz guy to manage it who 'knows all about it'. He'll be here for a year or two then skip off with his fat cheque to the next job. Like he did with the last one "How long were you at your last job?" - "A whole two years, making sure it was right". They think they are going to save a lot of money, together with the headcout saving of course.

    I'm guess a clusterfeck in the waiting.
    • Informative Informative x 2
    • Like Like x 1
  9. As an exercise, search and replace within the proposal document and replace every reference to "the cloud" to "the Internet". See if higher management will approve this proposal.

    Now do the same, but this time replace references to "the cloud" to "publicly accessible servers controlled by a third party supplier". See if that one gets approved.

    You can use cloud computing securely and safely, but the first step is realising it's not some magic facility, it's just computers and software that someone else is running.
    • Like Like x 7
  10. You too huh?
    We've had that twattery so often the expectation of us being shafted goes with the job.
    • Like Like x 1
  11. Since its conception I have been dubious of off site storage of data and cloud storage, you have data someone else can profit from, then that data it will be stolen.

    I realise its cheaper but immensely fool hardy in my opinion, keep all data in house on secure servers maintained by on site staff.
    • Like Like x 4
    • Disagree Disagree x 1
  12. You'll be surprised how many peeps in very senior positions don't know what you've just written. Magic beans is what they believe in and they'll pay good money for it and fek you off for daring to raise an eyebrow.
    • Like Like x 2
  13. There is no reason why it can't be safe and secure, if done properly. However "done properly" costs money. We provide a dedicated, private, cloud for a customer. It's not cheap, but it provides a fixed cost facility, that is not shared with anyone else, and is cheaper than doing the equivalent with suppliers such as Amazon etc. We also take security and process seriously and work directly with our customers IT department to the point we are treated very much as a partner rather than a supplier.
    • Like Like x 6
  14. It can be both secure and resilient IF proper safeguards and security procedures are in place. However, that costs money, so along comes bean counters with the possibility Vs likelyhood chestnut and we all know where that leads.
    Fekkit. Beaten by @Drazyl
    • Like Like x 2
  15. Tedsson's First Law Of Computing - Don't store any personal data in the cloud. None whatsoever and certainly nothing that can identify you, your address, financial and other personal details.

    I use various Cloud storage services like Degoo (100Gb free) Google (15Gb free) etc but only for stuff that is not important (music, pictures, maps, books etc). Stuff I don't really care about and don't really care if anyone else has access to.

    I back up everything across two laptops and three encrypted external drives. There are risks in that but it is a trade off.
    • Like Like x 3