Data trouble hounds government
October 21, 2010
The Norwegian government has been plagued in recent years by serious flaws in various computer data systems. The flaws have involved security leaks and inefficiency, and some of the trouble may linger for several years.
Newspaper Aftenposten has been reporting what it calls a “scandal” involving “major holes” in the security of communication systems used by top government ministries. The lack of secure systems allegedly has left the government open to espionage attempts and means some sensitive information may have fallen into the wrong hands.
The government’s computer system reportedly is under attack frequently by hackers, spying efforts by foreign governments and potential virus infection. State auditors have been “highly critical” to how the ministries’ service center has handled the system’s security, reports Aftenposten.
Several top ministers including Prime Minister Jens Stoltenberg, Foreign Minister Jonas Gahr Støre and former Finance Minister Kristin Halvorsen weren’t even informed that the communications system they were using contained “serious security holes.” For more than a year, from 2008 to the spring of 2009, both the service center and the ministry in charge of it, led by Heidi Grande Røys at the time, kept a lid on information about spying, hacking and virus attempts.
Røys won’t comment, as a matter of principle, she told Aftenposten. Meanwhile, letters of complaint were sent by ministries concerned about security to both the service center and Røys’ ministry. They weren’t immediately answered, apparently because of concerns that the lack of security would be exposed and make the government more vulnerable.
The current minister in charge of such issues as computer security, Rigmor Aasrud of the Labour Party, told state auditors that the holes since have been filled and the security concerns addressed.
“It’s true that DSS (the service center) didn’t manage to complete investment in data security by the fall of 2008,” answered her ministry in one report. “But the work is now being implemented.”
Meanwhile, concerns remain that inefficient and overlapping computer systems will continue to cause problems for welfare agency Nav. Aasrud admitted to Norwegian Broadcasting (NRK) on Thursday that politicians “underestimated” the technical challenges involved with earlier mergers of large public agencies.
In Nav’s case, agencies handling such welfare benefits as pension payments and unemployment compensation were merged, leaving Nav with several different computer systems. One Nav worker showed NRK how handling one case of sick leave benefits requires access to and information from four separate computer systems.
Reconciling them is a massive challenge, and one information technology expert told NRK it may take another three to five years to sort them out.