Editions:  Austria · Denmark · France · Germany · Italy · Norway · Spain · Sweden · Switzerland
Advertisement

Sweden telecom network 'vulnerable to attack'

Share this article

Sweden telecom network 'vulnerable to attack'
Swedish landlines could be vulnerable to hacking, according to newspaper Dagens Nyheter. Photo: Lars Pehrson/SvD/SCANPIX
07:25 CEST+02:00
Outsourcing and serious security flaws by external suppliers could leave Sweden's telecommunications network open to attack – and make it easier for foreign powers to tap into them unnoticed, an IT security expert has said.

Telia Sonera manages the majority of the Swedish copper wire telecommunications network – used by almost 3.9 million customers, including official authorities – through its daughter company Skanova. But for a number of years maintenance of its IT system has been outsourced to a consulting firm in India.

The firm has been given unique access to Telia Sonera servers in Sweden, which in theory means that it would be able to bug as well as knock out the entire telecom network, according to Swedish daily Dagens Nyheter (DN).

And according to unnamed sources quoted by the newspaper, computer user names and passwords are often exchanged via unencrypted email.

IT security expert Leif Nixon sharply cricitized the practice in an interview on Thursday. He said it is particularly serious if the passwords get emailed to customers in other countries as foreign surveillance authorities – such as the NSA in the United States and the British GCHQ – are likely to be monitoring cross border traffic.

“To send passwords by email should be a 'big no-no' to a telecom operator,” he told DN.

Håkan Kvarnström, head of security at Telia Sonera, said it does not matter if the IT system is administered from Sweden or from abroad.

“We have strict agreements regulating security requirements with all our suppliers. The same rules that apply to our own workers apply to them,” he told DN.

When asked about passwords being sent in unencrypted emails, he said: “That's nothing I'm familiar with. Emailing passwords is a violation of our security rules. It is serious. Passwords must never be sent in plain text. It absolutely must not happen.”

The Swedish Post and Telecom Authority (PTS) is the watchdog that monitors the electronic communications and postal sectors in Sweden.

“It is difficult to say at present whether the conduct has been right or wrong. When it comes to the handling of passwords it is of course important that Telia acts. There are regulations stating that passwords should be handled in a secure manner and that the people involved should have been given proper training,” Staffan Lindmark at the PTS  told DN on Thursday.

Get notified about breaking news on The Local

Share this article

Advertisement

From our sponsors

'Lagom' leadership: the secret to Swedish success?

Is the Swedish approach to leadership really as special as people think? The Local asks a non-Swedish manager at telecom giant Ericsson for a frank appraisal of Swedes' so-called 'lagom' leadership style.

Advertisement
Advertisement
Jobs
Click here to start your job search
Advertisement
Advertisement

Popular articles

Advertisement
Advertisement