Interior Ministry concerned over large mobile phone security breach

Ministry: "Operator TeliaSonera is to blame"

print this

The Ministry of the Interior fears that thousands of mobile phones used by personnel under its jurisdiction can potentially be tapped into by eavesdroppers, owing to a security loophole that was uncovered on Thursday last week.
      The Ministry has urged its employees not to use their mobile phones to discuss or message sensitive matters for the time being.
     
The reported security risk concerns over 7,000 employees under the Ministry of the Interior's jurisdiction, whose service provider is TeliaSonera. This group includes workers from the police, the rescue services, the emergency centres, the Frontier Guard, the Directorate of Immigration, the Population Register Centre, the provincial administrative boards, and the Ministry itself, right to the very top.
      "Our administration encompasses 18,000 workers, and thousands of them have a TeliaSonera mobile connection", explains the Ministry's Head of Information Management, Kaarlo Korvola.
      Neither the Interior Ministry nor TeliaSonera have disclosed the exact nature of the possible security breach. Permanent Secretary at the Ministry of the Interior Ritva Viljanen describes the incident as an "extremely serious breach of information security", which "has the potential to lead to various risks to our employees."
      Viljanen also believes that the necessary changes to rectify the situation will be carried out as quickly as possible, after which the problem can possibly be described in greater detail.
     
Korvola, on the other hand, refuses to comment on how long the problem has existed. According to him, the issue was brought to the Ministry's attention last Thursday. The workers were informed the next morning and again on Monday.
      However, the Ministry of the Interior did not spontaneously issue a public statement about the concerns. The Finnish Broadcasting Company (YLE) first reported it on Tuesday.
      Neither Viljanen nor Korvola had information on anyone having tried to take advantage of the problem.
     
According to Viljanen, the service provider TeliaSonera is responsible for the security breach. TeliaSonera Finland's Chief Operating Officer Esa Korvenmaa, in turn, refused to comment on the Permanent Secretary's accusations.
      Korvenmaa reveals that the issue is not a technical data security problem, nor is the problem with TeliaSonera's network or services. "No employees have been suspended on account of this."
      Kari Tolvanen, head of the violent crimes unit of the Helsinki Police, establishes that the issue has not dramatically affected the everyday work of the police.
      "After we were told about the problem on Friday, we have made an effort to refrain from discussing sensitive matters over the phone", Tolvanen explains.
     
Korvenmaa from TeliaSonera issues an assurance that the company's services are safe to use.
      "The Finnish Communications Regulatory Authority (FICORA) has confirmed that based on our discussions with them, there is no reason to suspect any kind of data security breach in our services", Korvenmaa notes.
      After a bidding contest last year, the Ministry of the Interior has already decided that all of its mobile phone connections will be provided by the operator Elisa in the near future.


Links:
  TeliaSonera
  FICORA
  Elisa

Helsingin Sanomat