|Home » Industry Watch
Assange Case: Sweden Playing Peekaboo with Rule of Law
'We want a free Internet.' From 'Under Mattan'.
STOCKHOLM (Rixstep) — There are a lot of things lieutenant colonel Ulf Forssberg can't talk about - he can't say how many people work in his division, what his budget is, reveal anything about his work environment, about their equipment - he can't even say where they're located.
The Swedish IT defence division ITF and the military intel agency MUST are the Swedish armed forces' answer to the growing threats of advanced Internet attacks. This past summer commander in chief Sverker Göranson singled out Internet attacks as the number one threat to Sweden.
And yet there's a lot of secrecy about ITF and no one will say much about it. As recently as 2010 then minister of defence Sten Tolgfors told SvD that Sweden won't be needing a special cyber division. But that's exactly what they've built up, even if they don't like to use that term. Recruitment to the ITF began in 2003 and the division achieved operational status in 2008. And they continue to grow. 'We expect to achieve full operational status next year', said Ulf Forssberg. 'We need staff with special competence. We're always looking for more people.'
The charter of the ITF is to protect the Swedish armed forces from Internet attacks and network intrusion. They have to hunt down intruders and note their movements, develop strategies for preventing the attacks, and protect the IT and management systems of the Swedish defence. But if Ulf Forssberg and his colleagues have no inhibitions in speaking about their defensive capabilities, they certainly do when it comes to offensive capabilities.
It's natural that a division created to defend against Internet attacks will also understand how to carry out such attacks. So ITF this past autumn put up ads in the media looking for people with experience in 'offensive technologies such as development of exploits'. What they're looking for is people who can hack their way into computer networks and close up security holes. What they learn from this is of course how to use such technologies against forces attacking Sweden.
'The question is whether we avail ourselves of those capabilities', says Ulf Forssberg. 'Most countries will admit they have a defensive capability but very few admit they have an offensive capability as well.'
How the Swedish armed forces will use their offensive capabilities is a sensitive topic being debated right now by the defence and the cabinet. According to documents obtained by SvD, people at the Swedish National Defence College have by the department of defence been assigned the task of determining when and how Sweden will be able to use military force against cyber attacks. This study is to become a work of reference for a national panel on information security that the government promised to provide. The department of defence are at the same time conducting their own study.
'We're looking at how we can defend ourselves if we're attacked', says defence department chief of development Dennis Gyllenspore. 'If we come under attack, we have to respond, and our response can of course be seen as offensive.'
But both Ulf Forssberg and Dennis Gyllenspore are careful to point out that the assignment of the defence is not to defend all of Sweden from cyber attacks - only their own networks.
Civil defence is the responsibility of other agencies such as MSB and FRA. And as a part of the current escalation online, people are sketching a coming Swedish national cyber defence system. In a written reply to SvD, minister for defence Karin Enström (of the conservative party) says that there are a number of state agencies who need to improve their defences against cyber attacks. At the behest of the department of defence, FRA are currently developing an intrusion detection system that will protect national cyber infrastructure - a system with sensors that analyse Internet traffic to detect and prevent attacks.
'The system will aim to protect agencies we know are under attack today, says Cecilia Laurén, chief strategist at FRA. 'The attackers can be other countries trying to access information that's protected in Sweden. The sensors are a part of the plan to construct a viable cyber defence system, but we also need better cooperation between our agencies and organisations in Sweden.'
Swedish defence agencies have previously claimed that revealing information such as the above - obtained through FOI site 'Under Mattan' ('Under the Rug') - can damage Sweden's reputation, and have in at least one case had FOI documents taken down from the Internet.
The people behind 'Under Mattan' continue to work behind the scenes. The following was forwarded by a Rixstep source.
I've asked for the documents you requested, concerning Maria Häljebo Kjellstrand and Julian Assange, through one of our sources. The people at the other end were very reluctant to reply and did so only after an unacceptably long delay. Their answer? They have no information!
So my source then requested the same documents from two other agencies. They won't be able to cheat much longer. Today they give a rat's arse about replying promptly and seem to have completely discarded the concept 'freedom of information'.
Instead they've gone into full Dictatorship Mode.
Our blog revealed in early December 2012 that the Swedish Foreign Office will not reply within a week to freedom of information requests as they should and as the Swedish media insist they do. Requests take instead two to three months.
Our blog then revealed that we'd been censored by the Swedish government for at least a half year through Swedish intel. Our estimation is that throttling access to the site eliminated between 50% and 90% of all traffic.
The site was shut down a couple of days after this information was made public - shut down in the middle of the night with no prior warning or subsequent explanation.
The people at the ISP Blog.com refuse to take our calls or reply to our inquiries.
We've received documents from a similar shutdown of another Swedish blog where we can see in black on white which individuals ands which Swedish agencies are responsible. This blog was also hosted by Blog.com.
So we're convinced we've been watched for quite some time by the Swedish cabinet and their friends, and we're making this information public for the first time.
If freedom of information in Sweden had functioned better, I'd have uploaded this information to the Internet. Our press statement perhaps can reach some people. We can't put our trust in our media.
The blog was most likely shut down at the behest of Swedish army intel, the government, and the foreign office. They were all exposed in the documents uploaded immediately prior to the shutdown.
They've even succeeded in scrubbing Google caches and removing other information.
Industry Watch: Assange: Shutting Down a Swedish FOI Site