“
Yevgeny Demkivsky Author of news Mezha.media and GIK. I write about technologies, cinema and games. Perhaps about games with a little more passion.
The audit revealed an “excess” of administrator accounts, which creates the risk of internal attacks. The system is also vulnerable to hackers overload and unauthorized access. Although there is no evidence of data leakage, Statewatch researcher Roman Lanno warns that the violation can be “catastrophic” for millions of people.
SIS II, launched in 2013, contains about 93 million records, including 1.7 million profiles of people, of which 195,000 are marked as threats to national security. The system retains biometric data, such as fingerprints and photos, and since 2023-a deportation decision. In the future, SIS II integrates Entry/Exit System (EES) that is connected to the Internet, which can increase risks.
The system’s contract, Sopra Steria, had to correct critical vulnerabilities for two months, but it took eight months to more than five and a half years. The EU-Lisa, the project that manages the project, did not inform the board of directors about problems and relied on consultants. The audit also found that 69 external employees had access to the system without proper security check.
The Sopra Steria spokesman stated that the company operated in accordance with the EU protocols. EU-Lisa stressed that it conducts regular security checks and eliminates risks depending on their criticality.
SIS II is part of the EU effort to create “smart borders”. However, experts, including Francesca Tassari from the University of Basque, say EU-Lisa does not cope with the complexity of projects due to lack of skilled personnel and poor contract management.
”, – WRITE: mezha.media
Yevgeny Demkivsky Author of news Mezha.media and GIK. I write about technologies, cinema and games. Perhaps about games with a little more passion.
The audit revealed an “excess” of administrator accounts, which creates the risk of internal attacks. The system is also vulnerable to hackers overload and unauthorized access. Although there is no evidence of data leakage, Statewatch researcher Roman Lanno warns that the violation can be “catastrophic” for millions of people.
SIS II, launched in 2013, contains about 93 million records, including 1.7 million profiles of people, of which 195,000 are marked as threats to national security. The system retains biometric data, such as fingerprints and photos, and since 2023-a deportation decision. In the future, SIS II integrates Entry/Exit System (EES) that is connected to the Internet, which can increase risks.
The system’s contract, Sopra Steria, had to correct critical vulnerabilities for two months, but it took eight months to more than five and a half years. The EU-Lisa, the project that manages the project, did not inform the board of directors about problems and relied on consultants. The audit also found that 69 external employees had access to the system without proper security check.
The Sopra Steria spokesman stated that the company operated in accordance with the EU protocols. EU-Lisa stressed that it conducts regular security checks and eliminates risks depending on their criticality.
SIS II is part of the EU effort to create “smart borders”. However, experts, including Francesca Tassari from the University of Basque, say EU-Lisa does not cope with the complexity of projects due to lack of skilled personnel and poor contract management.