Author: Denis Tahiri
While Albanian and foreign experts have been trying for months to recover the damages caused by the continuous cyber attacks, (AKSHI) the National Agency of the Information Society demands an increase in salaries up to their quadruple. The proposals presented to the Public Administration suggest for the number one of the institution, a multiplication of the salary from 241,600 ALL to 517,068 ALL. In a letter dated 08.09.2022 sent to the Ministry of Finance and for the information of the Council of Ministers, the National Agency of the Information Society has requested an increase in the salary fund from the current 206,9 million ALL to 943 million ALL for the 2023 budget. The proposal comes not long after the Prime Minister's statement that promised salary increases that would bring higher employee engagement in the IT role.
The argument given by AKSHI "continuous increase in the use of the online platform according to the typology government-government, government-citizen, government-business, also assessing the importance of the processes that are currently carried out through Information Technology programs that are developed and maintained by ANKSI, as the institution responsible for this field, we consider very important the review on your part for the salary increase for all employees of the central AKSHI, in parallel with the continuous increase in responsibilities, as well as the commitment needed to develop, maintain and mainly to protect the infrastructure and systems from cyber attacks", says the letter addressed to the Ministry of Finance.
According to the proposal of AKSHI, the salary of the deputy head, category II-b, which is currently 231,800 ALL, will become 482,005 ALL. On the other hand, for the cabinet director of category II, since the request sent seems to be an empty (or non-existent) position currently in ANA, the salary for 2023 is required to be 496,030 new ALL. Salaries over 4 million old have also been requested for directors and advisors.
The National Agency of the Information Society, in the last two years, was put at the center of the publication of the data of Albanian citizens. First, on the eve of the elections, there was the scandal of the patron Nazis, a case which ended up in the prosecutor's office making three people responsible for the release of nearly 900 data. Before this scandal was closed, another one broke out again, affecting the data of Albanians. Vehicle license plates and salaries of citizens, the list of secret service agents, the police according to their duties were released. This scandal raised questions about the efficiency and security of the systems. But one after the other, the scandals did not come to light until the months of July-August, where it is said that Iranian hackers are behind the attacks to take government Services. This file is also under investigation by the capital's prosecutor's office for four criminal offenses.
Experts are skeptical about the capabilities of AKSHI
"After the attacks organized by Iran, ANA needs to increase its human capacity, and if we look at the official website, we have dozens of vacancies both in the central ANA and in IT depending on various ministries and agencies". says Besmir Semanaj, an information technology engineer, who adds that it is not so easy for AKSHI to get quality contingents because the payments that AKSHI currently has are half of those paid in the private sector.
"But the request for a salary increase at a time when we have not come out of the consequences of the attack by Iran personally does not make much sense to me, because AKSHI needs to be re-established". he adds.
The cyber security specialist, Bledi Aristoteli, is also against the increase of salaries without criteria, who says that first a filtering of people who can and have the capacity to manage these systems should be carried out. "Because there really are people there, but not all of them can deserve a salary increase". he says, adding that: "First of all, we need to see if there are systems and who are responsible for managing these systems, but you cannot increase the salary of the people who are connected to these systems or how many leave the school banks and go to AKSHI. he says, insisting that a separation and categorization is necessary: "the risk, what is the person's responsibility, what are the systems connected to this person, how important is this person, is there training, how much training is there, etc. he says.
"There must be accountability, why did the attack happen? What were the reasons that the security of the state was completely compromised?", says Besmir Semanaj, who says that an account must be given why no investment has been made in cyber security, although we see very high figures over 200 million euros, these are investments made for the digitization of Albania, adding that from the information he has in the part of security investments have been very small. "Someone must be held responsible in this part because you cannot release online systems, systems for digital Services, if all security procedures have not been followed for these systems before they are released and made public". he concludes.
Expert Besmir Semanaj, to the question of why we failed with cyber security, answers that we succumbed to excessive confidence. "If we look at the statements of the leaders of ANKSI and the leaders of the government, while we were hacked, but we did not know, they declared that our systems were very secure and they did not prefer to take the funds to "security". You have to keep something in mind, investment in digitalization is something tangible for the citizen and advertisement for the institution, while investment in "security" is something vital for the institution and for the citizen, but which is not visible to the public". he concludes.
Meanwhile, on the other hand, problems with the ability to manage systems have also been noticed by cyber security expert Bledi Aristoteli.
"I know that AKSHI has a system, but there are no staff qualified enough to know how to use these systems, they do not have a standardization of the systems they have. I noticed this last time too, so there was no update, the firewall had been turned off, the antiviruses had been turned off, etc. If we had a good system of updates and device configuration, but the device configuration is done by people, I don't see people there". he says, noting that despite numerous investments in the digitization of Services, Albania still does not have a centralized "Security Operation Center" system at the national level.
"Italy has it, Greece has it, Serbia is building it, we don't have it. It serves for a bank, for example, that asks for help, but when I need it, I ask for help, I ask a state institution that has the equipment, the assistance of NATO, the internationals, which is a centralized national system that, even if it exceeds their capabilities, have the opportunity to ask their partners for help", he says.
Despite the lack of investment in human resources, ANA from 2012 to December 24, 2021, according to data from Open Data Albania, has spent a total of ALL 20,016,382,436.00. This amount is the amount of treasury transactions from AKSHI to third parties.
The three years with the highest transactions are the years 2019,2020, 2021 and 3,712,871,083.00 with respective amounts of 3,558,397,994.00 ALL, 3,585,079,778.00 ALL and XNUMX ALL.
By normative act, AKSHI is subordinate to the Prime Minister
Since October 13, the National Agency of the Information Society has been subordinated to the Prime Minister, through a normative act which is expected to be approved in the parliament so as not to be repealed afterwards. But through the normative act, there are several changes made.
Now "The working relations of the General Director, officials and administrative employees of the Authority are regulated on the basis of the Labor Code", and no longer according to the procedure carried out until now provided by law no. 8549, dated 11.11.1999 "Status of civil servants". Also, another point added through the normative act is that of rewards, in which it is stated that:The General Director and the employees of the technical units of the content of the Authority, in addition to the salary according to the salary categories determined by the decision of the Council of Ministers, benefit from an allowance for a special nature of work, in the amount of up to 800 (eight hundred thousand) ALL per month . The measure of the allowance for special nature of work for each category is determined by the decision of the Council of Ministers."
"Sinjalizo" requested a response from the communications director of Prime Minister Rama, Mr. Endri Fuga, on the reasons for the emergency to change the law through a normative act, but has not yet received a response.
