Swedish media in regards with Akira’s alleged hack of #TietoEvry are playing “the Russian angle”, basically suggesting this has to do with the NATO process that Sweden is in. There feasibly might be some truth to it, but it’s fairly sloppy journalism to focus on that without also criticizing the outsourcing of governmental and municipal IT and the hunt for profit by keeping staff costs low and skeleton crews at a minimum. To me, the vulnerability and shoddiness of it all has a lot to do with the neoliberal turn and the downsizing of the state. Would be interesting to hear THAT angle mentioned from time to time instead of the free market kerfuffle.
Again, not saying that this had nothing to do with Russia the country, but the simpleminded automatic connection between inhabitants of a state and the state itself is just lazy attribution imo. #tietoevry #akira #randomware #sweden
@krampus I can agree to be sceptic to outsourcing IT and into external clouds. But to the point of security and specifically vulnerability to attacks - can you say it would be safer inhouse? Would it intrisinically be safer on an country-wide intranet? I am curious, I am not at all a security expert, but generally interested (and interested in FOSS/FLOSS as well).
@hehemrin That’s not what I meant. I’m referring to many external contractors understaffing and also a certain amount of brain drain from the customer side, ie there is less and less in-house competence to question certain things. Outsourcing doesn’t have to be bad, but there is in my opinion a danger when outsourcing doesn’t come with a healthy dose of questioning. We know that if a company underbids another, one thing that is often used to save money is lower labor costs, either meaning fewer and/or less competent staff. Since the customer probably doesn’t see that part, they are unaware that a firm may understaff.
I’m not saying this is the case with TietoEvry, but I’ve certainly seen it. If shit hits the fan, it becomes an on demand support situation, where outside expertise is hired to help solve a problem. I’m oversimplifying and pontificating slightly of course, but I’m worried that the cost cutting just becomes a big “it’s their fault” merry go round where no one takes responsibility. “Oh sorry it’s not working, but Microsoft/amazon/whoever was supposed to take care of that”.
@krampus Oki, I understand your point, I believe. And yes, outsourcing indeed requires competence by the client to understand what they order, what the should order, follow up etc etc. It is very easy that it rather is commercial-sourcing staff that manage outsourcing than competence staff (said as general statement not related to IT specifically).
