GCSB tried to stop Treasury hack claim

NZ Herald: GCSB tried to stop Treasury boss Gabriel Makhlouf from saying website, Budget had been ‘hacked’

Political reporter Derek Cheng has uncovered new details of the hours leading up to Treasury boss Gabriel Makhlouf’s claims that his department’s website had been hacked for Budget details.

The Government’s spy agency made urgent calls to the Beehive before Makhlouf’s public statement – we reveal today what they told at least one senior Government Minister.

The new details come as Makhlouf faces a State Services Commission investigation over the way he handled claims the website had been hacked. It later transpired that Budget details could be uncovered using the Treasury’s search engine.

Matthew Hooton:

Could it have been little more than Makhlouf’s understanding (or misunderstanding) of what ‘hack’ meant?

Hack: “gain unauthorized access to data in a system or computer.”

Was whoever searched like crazy through the weekend authorised to do that? Were Simon Bridges and National authorised to release budget details two days early?

Authorise: “give official permission for or approval to (an undertaking or agent)”

Hgas: “who gives a stuff?”

‘Surprising’ New Zealand has no strategy to prevent terrorist attacks

Can terrorism prevention in New Zealand be effective without having a strategy? The risk of terrorism can’t be eliminated completely, but some sort of strategy must be a help.

RNZ – Christchurch Attacks: What security agencies are keeping us safe?

The minister responsible for New Zealand’s spy agencies says it’s “surprising” the country doesn’t have a strategy to prevent terrorist attacks.

But Andrew Little maintains the country’s intelligence systems are effective.

“We like to think we have a counter-terrorism means, the ability to respond to something. But we don’t have a strategy that anticipates and prevents or seeks prevention of a terrorist act happening,” he said.

According to research by former army officers Chris Rothery and Terry Johanson, both now academics at Massey University, New Zealand’s entire national security system is “reactionary”, and does not focus on anticipating and preventing terrorist activity.

“There are not many countries that do have a national security strategy, but they do have a more formulated policy [than New Zealand] in regards to a lot of the threats that they’ll face,” Mr Rothery said.

The pair said New Zealand has no national security strategy, no counter-terrorism national strategy and – unlike in Australia, Canada and the United Kingdom – no independent body to check threats are being prioritised properly.

Andrew Little, who is responsible for the Security Intelligence Service (SIS) and Government Communications Security Bureau (GCSB), admitted the focus had been on reacting to events.

“We’ve focused a lot on building up the components you need to have a system that can act and respond, but what we haven’t done is lift it up to the next stage which is having got good foundations, to then think strategically and think ahead and think more robustly about preventative measures.”

This was the case despite a four-year rebuild of the SIS and GCSB, an extension of their legal powers and $200m extra ploughed in since 2016, once an extra $50m included in last week’s Budget is factored in.

The SIS and GCSB did not begin, in earnest, looking into far right activity until mid-2018. The agencies were yet to get to the point of focusing on individuals or organisations when the Christchurch terror attacks happened.

The DPMC stated its counterterrorism approach covered prevention and preparation, plus there was a terrorism risk profile and a framework for preventing violent extremism.

It added that there was a strategic framework drawn up just last year. The department delayed Insight’s Official Information Act request to be supplied with the framework until later in June.

Governments can’t be fully proactive with everything.

A lot has changed regarding earthquake proofing requirements and guidelines of buildings since the Christchurch earthquakes. And insurance premiums have gone up a lot – it wasn’t just the Government who was unprepared.

There were immediate reactions to the Christchurch mosque massacres, with changes to firearms laws to make it harder to get high capacity rapid fire weapons.

There were also immediate reactions from the Police who arrested a number of people on firearms and hate speech related charges.

We can expect that our secret services are working secretly to substantially improve counter terrorism and deterrence of and prevention of terrorism.

The surveillance debate will take time, fortunately

It’s common for things like policing, surveillance and spying to be revisited after a major event like the Christchurch mosque attacks. It is impossible to prevent every possible attack, but it is certainly worth looking at what more could be done to minimise the risks by maximising the chances of identifying potential attackers before they attack.

There are likely to be some changes, but we have to be careful to keep a reasonable balance between protection and personal freedoms.

More surveillance is already happening. RNZ: More NZers under surveillance: Andrew Little authorises spy agencies to do more ‘intrusive’ activities

The country remains on a high threat alert more than a week after the terror attacks in Christchurch.

The actions of the agencies who are meant to protect New Zealand from such atrocities have been under scrutiny since Friday 15 March.

The minister responsible for the two security agencies, Andrew Little told Morning Report he had given authority to spy agencies to do “intrusive” activities under warrant.

“I’ve signed warrants [since the attacks] … I’m not sure I’m at liberty to disclose the number. We typically have between 30 to 40 people under surveillance. That number will be bigger now.”

Referring to the possible ties between a far-right group in Austria and the accused gunman, Little said he suspected it was because “our intelligence agencies are working with intelligence agencies across the world”.

He said work on scanning and building up a profile of right-wing extremism commenced in the middle of last year and was “definitely continuing”.

He also said he didn’t think New Zealand was a soft target in terms of security, but had a “robust system” for assessing “violent extremist risks”.

Asked if the attack was an intelligence failure, he said it was “too premature to draw that conclusion”.

“The purpose of the Royal Commission of Inquiry is to ascertain whether or not there were failures on the part of our security and intelligence agencies.”

I think that with the attacks fresh on everyone’s minds most people will accept some increases in surveillance – as long as it doesn’t affect them.

Simon Bridges wants more: GCSB and SIS’s ‘hands tied behind their backs’ – Simon Bridges

New Zealand spy agencies’ balance between privacy and security has tipped too far towards privacy, and should be revisited, National Party leader Simon Bridges says.

Bridges said yesterday New Zealand’s security risk had “changed” and a review of security legislation was needed to make sure people were kept safe.

He said a decision made by the former National government in 2013 to abandon Project Speargun, a more intrusive regime which would have scanned internet traffic coming into New Zealand, should be reconsidered.

“I think we were overcautious in 2013/14,” he told Morning Report today.

“I think the case is what we have right now are security agencies with two hands tied behind their backs.

Sam Sachdeva (Newsroom) suggests caution – Why sweeping surveillance laws aren’t the answer

National leader Simon Bridges is calling for New Zealand’s intelligence agencies to be given greater powers, claiming our spies currently have their hands tied behind their backs. But it’s far from clear that greater surveillance would have stopped the Christchurch attack, and hasty changes could be disastrous.

Bridges has succeeded in distinguishing himself from Ardern, who said New Zealanders did not want the country to be a “surveillance state”.

But on the substance of whether law changes would do much to prevent a similar attack, Bridges’ argument seems decidedly shaky.

It’s far from unusual for countries to tighten their security laws after a terror attack, with France, Belgium and the United Kingdom among nations to have passed more stringent legislation following domestic incidents.

Perhaps most infamously, the United States pushed through the USA PATRIOT Act after the September 11 attacks, granting sweeping powers to a number of government agencies despite objections from civil liberties advocates.

But there’s little evidence to suggest that more sweeping surveillance powers play a significant role in stopping other attacks.

Reinhard Kreissl, the chief executive of the Vienna Centre for Societal Security Research, has argued that better training of, and organisational structures for, law enforcement experts deliver higher returns than expanding the amount of data they gather.

“More data and more surveillance will not help to find the proverbial needle or needles in the haystack,” Kreissl said, a view echoed in a thorough piece on the New Zealand situation by The NZ Herald’s David Fisher.

There have already been questions about whether the NZSIS and GCSB focused too closely on the threat of Muslim extremism, and not enough on the rise of white supremacy and far-right extremists in recent years.

NZSIS boss Rebecca Kitteridge has said the agency increased its efforts to understand the threat posed by the far-right in recent months, but representatives of New Zealand’s Muslim community have said concerns raised much earlier were not taken seriously.

New Zealand’s current target may be white supremacists and the far-right, but there are no guarantees that future administrations or officials will be judicious in how they use any new laws.

A Royal Commission will undoubtedly take some time, but a painstaking examination is more appropriate than a hasty rush to judgment.

Justice Minister Andrew Little has said of surveillance reforms – arguably a far more contested and complex space than the Government’s gun laws – that “the worst time to be considering law changes is in the immediate aftermath of a monstrous event like this”.

It’s a sentiment Bridges may want to think about before he again tries to leap ahead of the pack.

Bridges and National are not in power so there is no risk of them rushing into making draconian and relatively ineffective changes. The Royal Commission will help slow things down and ensure security issues are at least debated and carefully considered. As they should be.

 

Royal Commission of Inquiry into security agencies

Prime Minister Jacinda Ardern has announced a Royal Commission of Inquiry into the country’s security agencies, in response to the Christchurch terror attacks.

RNZ: Prime Minister Jacinda Ardern announces details of inquiry into security services

Prime Minister Jacinda Ardern has announced details of a Royal Commission of Inquiry into security agencies after the Christchurch mosque attacks.

She said, while New Zealanders and Muslim communities were still grieving, they were also quite rightly asking questions about how the terror attack was able to take place.

The inquiry will look at what could or should have been done to prevent the attack, Ms Ardern said.

It will look at the Government Communications Security Bureau (GCSB), the Security Intelligence Service (SIS), police, Customs, Immigration and any other relevant agencies, Ms Ardern said.

The Government Communications Security Bureau (GCSB) and the Security Intelligence Service (SIS) have been criticised over an apparent lack of monitoring of right-wing extremists.

It may be that there was little or nothing that could have been done to protect against this month’s attacks, but it is good to check out the performance of the security agencies, the GCSB, the SIS and the Police. It should ensure that the chances of a repeat are lessened.

 

GCSB stops Spark from using Huawei for 5G

The GCSB is stopping Spark from using Huawei equipment for their new 5G cellphone network. They won’t give reasons, saying they are classified.

There are concerns about a Chinese-owned company being involved in communications infrastructure – but some also have concerns about US technology companies, with allegations of CIA back doors.

RNZ: Reasons to block Spark’s 5G rollout ‘classified’

The Minister responsible for the Government Communications Security Bureau (GCSB) said the reasons why a Chinese tech company won’t be involved in the rollout of 5G technology here are classified.

The GCSB has turned down Spark’s proposed use of Huawei equipment in its new network because it would raise significant national security risks.

Andrew Little said he was briefed on the decision on Monday but cannot divulge what the risks might be.

“Spark notified the GCSB two or three months ago, GCSB has carried out an assessment on the technology that Spark proposes to introduce and has assessed that technology as posing a national security risk. That assessment was notified to Spark today.”

“Spark have indicated they will have a close look at the reasons for GCSB’s assessment then if Spark wishes to continue with their proposal they then have the option of working with the GCSB on looking at mitigation of [those risks].”

Mr Little said the 5G technology was more sophisticated than older network technology and was not currently in use in New Zealand.

“The principal difference between 5G technology and the conventional 4G and 3G technology is that the conventional technology has an infrastructure core and then peripheral technology such as cellphone towers and the like and they can, in effect, be kept separate but you cannot do that with 5G technology.”

“Every component of 5G technology, every component of the network is integrated and therefore access to one component can lead to access to the entire network.”

He said the GCSB decision was not a complete deal-breaker for Spark’s rollout of 5G.

“Spark has said they are committed to rolling out 5G by the end of 2020, there’s no reason why they can’t stick to that timetable. They have known that they’d have to go through this process… it’s underway and there’s still work to do.”

US sanctions Russians for cyber attacks

The US has announced sanctions on three Russian individuals and five companies, who have been cited as ‘malicious actors working at the behest of the Russian Federation and its military and intelligence units to increase Russia’s offensive cyber capabilities’ against the US ‘and its allies’ – which could include New Zealand.

Reuters: U.S. sanctions Russians over military, intelligence hacking

The U.S. Treasury imposed sanctions on three Russian individuals and five companies on Monday, saying they had worked with Moscow’s military and intelligence services on ways to conduct cyber attacks against the United States and its allies.

“The United States is engaged in an ongoing effort to counter malicious actors working at the behest of the Russian Federation and its military and intelligence units to increase Russia’s offensive cyber capabilities,” Treasury Secretary Steven Mnuchin said in a statement.

“The entities designated today have directly contributed to improving Russia’s cyber and underwater capabilities through their work with the FSB and therefore jeopardize the safety and security of the United States and our allies,” Mnuchin said, using an acronym for Russia’s Federal Security Service.

The Treasury said Russia’s “malign and destabilizing cyber activities” included the NotPetya attack last year, which spread across Europe, Asia and the Americas. The White House in February blamed Russia for the attack, saying it caused billions of dollars in damage and was part of the Kremlin’s effort to destabilize Ukraine.

The Obama administration sanctioned Russia’s FSB in December 2016, citing the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the 2016 presidential election.

Washington imposed additional sanctions against the intelligence services in March, when President Donald Trump’s administration slapped sanctions on 19 individuals and five entities.

At the time, the administration publicly blamed Moscow for the first time for a campaign of cyberattacks that targeted the U.S. power grid, including nuclear facilities, and stretched back at least two years. Russia has denied trying to hack into other countries’ infrastructures.

There’s a good chance Russia will retaliate with sanctions of their own.

GCSB (February 2018): New Zealand joins international condemnation of NotPetya cyber-attack

The Director-General of the Government Communications Security Bureau (GCSB) Andrew Hampton has today added New Zealand’s voice to international condemnation of the NotPetya cyber-attack.

NotPetya caused widespread damage and disruption to computer systems around the world in June 2017.

Mr Hampton says the GCSB’s international partners have today attributed the NotPetya cyber-attack to the Russian Government.

“While NotPetya masqueraded as a criminal ransomware campaign, its real purpose was to damage and disrupt systems,” Mr Hampton said.

“Its primary targets were Ukrainian financial, energy and government sectors. However, NotPetya’s indiscriminate design caused it to spread around the world affecting these sectors world-wide.

“While there were no reports of NotPetya having a direct impact in New Zealand, it caused disruption to some organisations while they updated systems to protect themselves from it.

“This reinforces that New Zealand is not immune from this type of threat. In a globally connected world our relative geographic isolation offers no protection from cyber threats.

“We support the actions of our cyber security partners in calling out this sort of reckless and malicious cyber activity.”

In the 12 months from June 2016 to June 2017 nearly a third (122) of the 396 serious incidents recorded by the GCSB’s National Cyber Security Centre involved indicators that have previously been linked to state-sponsored actors.

I think it’s unlikely New Zealand will join the US with sanctions.

A fan of the Banksy exhibition

Contrasting with ‘The Auckland Banksy exhibition sucks’ is a post by Martyn Bradbury praising the Banksy exhibition.

The Daily Blog: The Liberal Agenda – Banksy Exhibition – 5 stars

By turning up in your thousands you tell Banksy his work matters and you fulfil the spirit of danger his art exists in by scaring the bejesus out of the Government security agencies who will be inevitably monitoring the exhibition.

The ability to criticise freely because of zero consequence is a power beyond branding and that’s why on its first day a staggering 1800 packed the Aotea Centre to get the chance to see his work up close.

To suggest missing this exhibition would be akin to a book burning is not an overstatement in any measure.

So he’s a fan.

By turning up in your thousands you tell Banksy his work matters and you fulfil the spirit of danger his art exists in by scaring the bejesus out of the Government security agencies who will be inevitably monitoring the exhibition.

Let the GCSB and SIS know that they are in trouble if the revolution ever erupts.

Bradbury has turned his hope for starting ‘the revolution’ to an exhibition staged by the ex-manager of a street artist.

I doubt that the GCSB or SIS will be at risk of having their bejesus scared all that much.

 

Key’s ‘Speargun’ claims questioned

Documents obtained by NZ Herald under the Official Information Act suggest that claims made by Prime Minister John Key about the Speargun surveillance project may not have been accurate.

NZH: John Key, mass surveillance and what really happened when Edward Snowden accused him of spying

Sir John Key’s story of how and why he canned a “mass surveillance” programme is at odds with official papers detailing development of the “Speargun” project.

The issue blew up in the final days of the 2014 election with Key claiming the programme was long-dead and had been replaced by a benign cyber-security system called Cortex.

Key always claimed the Speargun project to tap New Zealand’s internet cable was stopped in March 2013.

But new documents show development of Speargun continued after the time he had said he ordered a halt – apparently because the scheme was “too broad”.

The NZ Herald has found – after three years of refusals and information going missing – that the former Prime Minister’s version of events doesn’t match that of documents created at the time.

The plan to develop Speargun began in April 2012 under the guise of “Initiative 7418” when Cabinet asked the GCSB to develop an advanced cyber protection strategy.

The GCSB has confirmed to the Herald that a warrant was sought and granted for “Phase 1” of Speargun between July 2012 and June 2013.

GCSB director Andrew Hampton said in one response: “This warrant was sought to ensure GCSB would be able to undertake any preliminary work as part of the business case Cabinet asked GCSB to prepare.”

Details released through the OIA show there was a meeting with the GCSB over Speargun in March 2013.

This was the point at which Key claims Speargun was canned with a press release issued between the Snowden claim and election day saying: “March 2013: PM tells GCSB not to bring business case forward. Informs GCSB it is too broad. Budget contingency funding will be rolled over and used for something else in cyber security.”

But new GCSB documents tell a different story, backed up by documents from the Prime Minister’s office.

It is a detailed investigative article by David Fisher, with a number of source documents included.

Dotcom loses bid to access GCSB recordings

Kim Dotcom has failed in a bid through the High Court to get access to recordings made by the GCSB.

NZH: Kim Dotcom kept in the dark about GCSB spying

In a just-released ruling, Justice Murray Gilbert has said the recordings won’t be released.

The GCSB has previously admitted illegally intercepting private communications between Kim and Mona Dotcom, and Bram van der Kolk, as part of the extradition case being built between December 2011 and March 2012.

Then-Prime Minister John Key has apologised for the communications being intercepted.

“The Dotcoms complain that non-disclosure impedes their ability to pursue their claim and breaches their rights under the New Zealand Bill of Rights Act 1990,” the decision said.

“In particular, they submit that the measure of damages to which they are entitled will depend on the extent and nature of the unlawful intrusion into their private lives and the raw communications are needed to establish this.”

The Dotcom team said that any national security issues shouldn’t stop the information being released, because information on the sources and methods of intelligence-gathering were already public knowledge.

But lawyers for the GCSB argued that releasing the material could prejudice the security of New Zealand, and the confidence of other countries in entrusting sensitive information to New Zealand.

A main reason for Justice Gilbert’s decision is a 2013 Court of Appeal verdict that ruled the GCSB didn’t have to release the raw communications. Justice Gilbert said that meant he couldn’t relitigate the issue.

Even if it wasn’t for the Court of Appeal verdict, Justice Gilbert said national security issues outweighed public interest in the raw communications.

Dotcom has indicated he will appeal this decision.

Dotcom has been giving some of our laws a good workout. And his lawyers.

Public bigger spy threat than GCSB

A lot has been said about the risks to the New Zealand public from spying by Government agencies the SIS and the GCSB, with scant evidence of there being any actual risk to most people.

In her latest Herald column Kerry McIvor makes an interesting point, suggesting that public ‘spies’ are a bigger risk than the GCSB – Forget GCSB, public are the spies.

She refers to the surveillance, photographing and audio recording of Aaron Smith’s toilet liaison by a couple of ordinary people (we are led to believe, unless the SIS has a Public Morals division that we don’t know about).

Which reinforces my opinion that it’s not the Government and the GCSB we have to worry about spying on us.

It’s our fellow citizens and their smartphones. Nobody is safe, as Smith discovered.

I can only imagine the incredulity from the All Blacks team management when they heard of the incident: “He’s done what?!” “He did it where?!” “They recorded it?!”

How Smith thought he could get away with a liaison in a public toilet, at an airport – while people were queued outside the door, for heaven’s sake – is beyond me. That level of idiocy is mind-boggling.

But the woman in the loo wasn’t coerced. She was a willing participant.

That’s only an assumption that’s been made. We have very little evidence provided to us (fortunately).

What we have is the court of public opinion, or rather the court of media sensationalising, driven by scant evidence given to media by a couple of public spies.

This has been just about as bad as the office sex recording in Christchurch where a couple weren’t as private as they thought but a public spy recorded them and then they were harassed to an extreme level by media.

How many innocent people have had their lives trashed by the SIS or the GCSB?

Perhaps it’s not ‘big brother’ we should be worrying about (ok, we should still worry about that a bit) but rather ‘member of public with recording device’ plus ‘media intent on sensation and clicks’ may be our biggest risk.

How long will it be until a member of the public uses a drone to record something that is then used to trash a few people’s lives?

But the biggest spy risk is probably smart phones with dumb users and dumber media.