US sanctions Russians for cyber attacks

The US has announced sanctions on three Russian individuals and five companies, who have been cited as ‘malicious actors working at the behest of the Russian Federation and its military and intelligence units to increase Russia’s offensive cyber capabilities’ against the US ‘and it’s allies’ – which could include New Zealand.

Reuters: U.S. sanctions Russians over military, intelligence hacking

The U.S. Treasury imposed sanctions on three Russian individuals and five companies on Monday, saying they had worked with Moscow’s military and intelligence services on ways to conduct cyber attacks against the United States and its allies.

“The United States is engaged in an ongoing effort to counter malicious actors working at the behest of the Russian Federation and its military and intelligence units to increase Russia’s offensive cyber capabilities,” Treasury Secretary Steven Mnuchin said in a statement.

“The entities designated today have directly contributed to improving Russia’s cyber and underwater capabilities through their work with the FSB and therefore jeopardize the safety and security of the United States and our allies,” Mnuchin said, using an acronym for Russia’s Federal Security Service.

The Treasury said Russia’s “malign and destabilizing cyber activities” included the NotPetya attack last year, which spread across Europe, Asia and the Americas. The White House in February blamed Russia for the attack, saying it caused billions of dollars in damage and was part of the Kremlin’s effort to destabilize Ukraine.

The Obama administration sanctioned Russia’s FSB in December 2016, citing the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the 2016 presidential election.

Washington imposed additional sanctions against the intelligence services in March, when President Donald Trump’s administration slapped sanctions on 19 individuals and five entities.

At the time, the administration publicly blamed Moscow for the first time for a campaign of cyberattacks that targeted the U.S. power grid, including nuclear facilities, and stretched back at least two years. Russia has denied trying to hack into other countries’ infrastructures.

There’s a good chance Russia will retaliate with sanctions of their own.

GCSB (February 2018): New Zealand joins international condemnation of NotPetya cyber-attack

The Director-General of the Government Communications Security Bureau (GCSB) Andrew Hampton has today added New Zealand’s voice to international condemnation of the NotPetya cyber-attack.

NotPetya caused wide spread damage and disruption to computer systems around the world in June 2017.

Mr Hampton says the GCSB’s international partners have today attributed the NotPetya cyber-attack to the Russian Government.

“While NotPetya masqueraded as a criminal ransomware campaign, its real purpose was to damage and disrupt systems,” Mr Hampton said.

“Its primary targets were Ukrainian financial, energy and government sectors. However, NotPetya’s indiscriminate design caused it to spread around the world affecting these sectors world-wide.

“While there were no reports of NotPetya having a direct impact in New Zealand, it caused disruption to some organisations while they updated systems to protect themselves from it.

“This reinforces that New Zealand is not immune from this type of threat. In a globally connected world our relative geographic isolation offers no protection from cyber threats.

“We support the actions of our cyber security partners in calling out this sort of reckless and malicious cyber activity.”

In the 12 months from June 2016 to June 2017 nearly a third (122) of the 396 serious incidents recorded by the GCSB’s National Cyber Security Centre involved indicators that have previously been linked to state-sponsored actors.

I think it’s unlikely New Zealand will join the US with sanctions.

A fan of the Banksy exhibition

Contrasting with ‘The Auckland Banksy exhibition sucks’ is a post by Martyn Bradbury praising the Banksy exhibition.

The Daily Blog: The Liberal Agenda – Banksy Exhibition – 5 stars

By turning up in your thousands you tell Banksy his work matters and you fulfil the spirit of danger his art exists in by scaring the bejesus out of the Government security agencies who will be inevitably monitoring the exhibition.

The ability to criticise freely because of zero consequence is a power beyond branding and that’s why on its first day a staggering 1800 packed the Aotea Centre to get the chance to see his work up close.

To suggest missing this exhibition would be akin to a book burning is not an overstatement in any measure.

So he’s a fan.

By turning up in your thousands you tell Banksy his work matters and you fulfil the spirit of danger his art exists in by scaring the bejesus out of the Government security agencies who will be inevitably monitoring the exhibition.

Let the GCSB and SIS know that are in trouble if the revolution ever erupts.

Bradbury has turned his hope for starting ‘the revolution’ to an exhibition staged by the ex-manager of a street artist.

I doubt that the GCSB or SIS will be at risk of their bejesus scared all that much.

 

Key’s ‘Speargun’ claims questioned

Documents obtained by NZ Herald under the Official Information Act suggest that claims made by Prime Minister John Key about the Speargun surveillance project may not have been accurate.

NZH: John Key, mass surveillance and what really happened when Edward Snowden accused him of spying

Sir John Key’s story of how and why he canned a “mass surveillance” programme are at odds with official papers detailing development of the “Speargun” project.

The issue blew up in the final days of the 2014 election with Key claiming the programme was long-dead and had been replaced by a benign cyber-security system called Cortex.

Key always claimed the Speargun project to tap New Zealand’s internet cable was stopped in March 2013.

But new documents show development of Speargun continued after the time he had said he ordered a halt – apparently because the scheme was “too broad”.

The NZ Herald has found – after three years of refusals and information going missing – that the former Prime Minister’s version of events doesn’t match that of documents created at the time.

The plan to develop Speargun began in April 2012 under the guise of “Initiative 7418” when Cabinet asked the GCSB to develop an advanced cyber protection strategy.

The GCSB has confirmed to the Herald that a warrant was sought and granted for “Phase 1” of Speargun between July 2012 and June 2013.

GCSB director Andrew Hampton said in one response: “This warrant was sought to ensure GCSB would be able to undertake any preliminary work as part of the business case Cabinet asked GCSB to prepare.”

Details released through the OIA show there was a meeting with the GCSB over Speargun in March 2013.

This was the point at which Key claims Speargun was canned with a press release issued between the Snowden claim and election day saying: “March 2013: PM tells GCSB not to bring business case forward. Informs GCSB it is too broad. Budget contingency funding will be rolled over and used for something else in cyber security.”

But new GCSB documents tell a different story, backed up by documents from the Prime Minister’s office.

It is a detailed investigative article by David Fisher, with a number of source documents included.

Dotcom loses bid to access GCSB recordings

Kim Dotcom has failed in a bid through the High Court to get access to recordings made by the GCSB.

NZH: Kim Dotcom kept in the dark about GCSB spying

In a just-released ruling, Justice Murray Gilbert has said the recordings won’t be released.

The GCSB has previously admitted illegally intercepting private communications between Kim and Mona Dotcom, and Bram van der Kolk, as part of the extradition case being built between December 2011 and March 2012.

Then-Prime Minister John Key has apologised for the communications being intercepted.

“The Dotcoms complain that non-disclosure impedes their ability to pursue their claim and breaches their rights under the New Zealand Bill of Rights Act 1990,” the decision said.

“In particular, they submit that the measure of damages to which they are entitled will depend on the extent and nature of the unlawful intrusion into their private lives and the raw communications are needed to establish this.”

The Dotcom team said that any national security issues shouldn’t stop the information being released, because information on the sources and methods of intelligence-gathering were already public knowledge.

But lawyers for the GCSB argued that releasing the material could prejudice the security of New Zealand, and the confidence of other countries in entrusting sensitive information to New Zealand.

A main reason for Justice Gilbert’s decision is a 2013 Court of Appeal verdict that ruled the GCSB didn’t have to release the raw communications. Justice Gilbert said that meant he couldn’t relitigate the issue.

Even if it wasn’t for the Court of Appeal verdict, Justice Gilbert said national security issues outweighed public interest in the raw communications.

Dotcom has indicated he will appeal this decision.

Dotcom has been giving some of our laws a good workout. And his lawyers.

Public bigger spy threat than GCSB

A lot has been said about the risks to the New Zealand public from spying by Government agencies the SIS and the GCSB, with scant evidence of there being any actual risk to most people.

In her latest Herald column Kerry McIvor makes an interesting point, suggesting that  public ‘spies’ are a bigger risk than the GCSB – Forget GCSB, public are the spies.

She refers to the surveillance, photographing and audio recording of Aaron Smith’s toilet liaison by a couple of of ordinary people (we are led to believe, unless the SIS has a Public Morals division that we don’t know about).

Which reinforces my opinion that it’s not the Government and the GCSB we have to worry about spying on us.

Its our fellow citizens and their smartphones. Nobody is safe, as Smith discovered.

I can only imagine the incredulity from the All Blacks team management when they heard of the incident: “He’s done what?!” “He did it where?!” “They recorded it?!”

How Smith thought he could get away with a liaison in a public toilet, at an airport – while people were queued outside the door, for heaven’s sake – is beyond me. That level of idiocy is mind-boggling.

But the woman in the loo wasn’t coerced. She was a willing participant.

That’s an assumption only that’s been made. We have very little evidence provided to us (fortunately).

What we have is the court of public opinion, or rather the court of media sensationalising, driven by scant evidence given to media by a couple of public spies.

This has been just about as bad as the office sex recording in Christchurch where a couple weren’t as private as they thought but a public spy recorded them and then they were harassed to an extreme level by media.

How many innocent people have had their lives trashed by the SIS or the GCSB?

Perhaps it’s not ‘big brother’ we should be worrying about (ok, we should still worry about that a bit) but rather ‘member of public with recording device’ plus ‘media intent on sensation and clicks’ may be our biggest risk.

How long will it be until a member of the public uses a drone to record something that is then used to trash a few people’s lives?

But the biggest spy risk is probably smart phones with dumb users and dumber media.

I’m a GCSB operative

If anyone had any doubts about the credibility of a small group of muppets if this doesn’t convince you of their fantasy laced stupidity then probably nothing will.

On March 21, in amongst the usual string of inane niggles was this tweet:

Any truth to the rumours circulating that you are a GCSB operative?

While that’s more absurd than most accusations it’s as credible as all of them – it’s a joke, but I really think they seriously think that.

Because in their latest post they repeat it:

Yournz blogger Pete George, aka the Beige Badger, suspected GCSB operative; complete clown and manipulative prick. Tends toward a delusional schema, prone to taking on lost causes such as mayoralty’s, teen pregnancy, medicinal gunja and fraudsters, but like most Kiwi Bloggers, only if he thinks there might be something in it for himself.

That’s hilarious, not just for the GCSB suspicions, but this is typical transference from them – a lot of what they accuse others of applies to themselves.

The whole post may be made up drivel. Another accusation about me is certainly fabricated.

In fact, the most recent incident, wherein this myth was dragged out of the closet to be aired, for the purpose of again smearing Cameron Slater, can be found in yet another post that was also, “ostensibly”, penned by blogger Pete George (see: Hager and Whale Hypocrisy).

It was totally written by me.

George posted this piece on the 18th March.

They got that bit right.

What has subsequently become of even more interest is the fact the Pete George has in the past few days edited that post.

Like many things they claim they have made that up. Here’s proof:

PostRevision18March

That last revision time and date is exactly the same as the time and date of the post.

PostRevision18March2

So they not only make up ridiculous accusations, they fabricate ‘evidence’.

Nothing they claim can be taken seriously, they are self deluded nutters. It’s hard to work out what their latest post is actually about apart from a typical scattergun attempt at smearing with nothing new.

I wonder if they understand what the GCSB is.

GCSB contributes to New Zealand’s national security by providing information assurance and cyber security to the New Zealand Government and critical infrastructure organisations, foreign intelligence to government decision-makers, and cooperation and assistance to other New Zealand government agencies.

I’m too busy pointing out their stupidity to be involved in trivial things like that.

And laughing.

Why Bomber’s claims are totally meaningless

In his latest rant against our intelligence agencies Martyn Bradbury has bombed with a mass of misfires.

The headline: Why the ‘protections’ in new spy bill are totally meaningless

There is no new spy bill. And Independent Review has just released a report that makes observations and recommendations.

Let’s get this straight – our intelligence agencies have been caught illegally spying on NZers, were caught helping the PMs Office smear the leader of the Opposition months before the 2011 election with falsified lies, were caught being racist, were caught spying on our trade partners to try and get John Key’s mate a job, were caught out by Edward Snowden telling the NSA that legislation had loopholes to allow mass surveillance, were caught out by Edward Snowden planning to tap the Southern Cross internet cable and were caught possibly aiding the CIA rendition torture program.

Most of those claims are questionable. Some of those issues are still under inquiry so it isn’t know whether anyone has been caught doing what Bradbury asserts.

So how does Key respond to intelligence agencies drunk on their own power?

Bradbury is drunk on hyperbole. The intelligence agencies are being reported on, not requesting changes.

Why he is suggesting even more power.

No he isn’t. He is suggesting a multi-party approach to assessing the recommendations of the independent review and deciding what might be done.

Why the hell would we give the GCSB and SIS more power when they can’t manage the power they currently have?

The report says “It was clear to us from our discussions with GCSB staff and from the GCSB’s own internal policy documents that these restrictions are interpreted and applied conservatively.” Is Bradbury wanting them to apply policies more aggressively?

The reality is that the so called 3 tier system of protections being suggested by the new legislation are utterly meaningless. The loophole built into the suggested legislation allows the spies to disregard all 3 of those tiers IF they believe there is an emergency or risk to life,  they then get 48 hours of warrantless surveillance.

This allows fishing expeditions for the spies.

Again, there is no new legislation. It should not allow fishing expeditions.

We must demand more protections for ourselves from this ever growing ultra secret deep state. A modern day stasi that answers to the NSA doesn’t make our democracy safer, it makes it far more dangerous.

Demanding more protections for ourselves is fine, but protecting ourselves from others requires some secret surveillance powers.

Likening New Zealand to a “modern day stasi ” is just pathetic.

Bradbury has bombed this with his hyperbole – “an extreme exaggeration used to make a point”. The problem is this sort of hyperbole doesn’t make any point other than the lack of credibility of the ranter.

No mass surveillance

The First Independent Review of Intelligence and Security in New Zealand  looked at whether mass surveillance was being carried out by the GCSB.

The report  concludes that there is no mass surveillance.

It was clear to us from our discussions with GCSB staff and from the GCSB’s own internal policy documents that these restrictions are interpreted and applied conservatively.

Far from carrying out “mass surveillance” of New Zealanders, the GCSB is unable to intercept New Zealanders’ communications even where it is for their own safety.

For example, the GCSB would be unable to analyse the communications of a New Zealander taken hostage in a foreign country unless it was assisting the NZSIS, NZDF or Police under their legislation.

That’s unlikely to change the minds of security and surveillance critics. Green co-leader Metiria Turei:

The GCSB had already been “quite liberal and loose” with their existing activities, and they should not be given more powers until it was clear they would follow the law.

That’s the opposite of what the report found.

Here are relevant references from the report.

1.11   In New Zealand, there has been considerable debate in the media about whether the GCSB conducts “mass surveillance” of New Zealanders. Having spent some months learning about the Agencies’ operations in detail, we have concluded that this is not the case, for reasons we discuss below.  However, there is a degree of scepticism among the New Zealand public about the Agencies’ activities.

In a survey carried out by the Privacy Commissioner in 2014, 52 percent of respondents were concerned about surveillance by New Zealand government agencies. We received a number of submissions from people who did not see the need for intelligence and security agencies at all and considered there was no justification for the government intruding on individuals’ privacy.

Does the GCSB conduct “mass surveillance”?

3.34  As we discussed in Chapter 1, there has been some debate in the public arena about whether the GCSB conducts “mass surveillance”. In light of this, we considered it important to describe what the GCSB does and does not do. While we cannot go into as much detail as we would have liked given the classified nature of the GCSB’s operational activities, we hope what we can say will inform this debate in a useful way.

3.35  “Mass surveillance” is a term that can be understood in a number of different ways. In this context it is important to distinguish between communications that are collected by GCSB systems – for example, its satellite interception station at Waihopai – and those that are actually selected and examined by an analyst.

3.36  The reality of modern communications is that it is often not possible to identify and copy a specific communication of interest in isolation. If a particular satellite might carry a relevant communication, the GCSB cannot search for that communication before interception occurs. First it needs to intercept a set of communications, most of which will be of no relevance and will be discarded without ever being examined by an analyst. This is the haystack in which the needle must be found.

3.37  Even this “haystack” represents only a tiny proportion of global communications. The GCSB conservatively estimates that there are over 1 billion communications events every day on the commercial satellites that are visible from Waihopai station. These represent approximately 25 percent of commercial satellites that match the Earth’s rotation (although signals cannot always be secured even from those satellites that are visible). We were told the proportion of those 1 billion communications that are actually intercepted equates to roughly one half of a bucket of water out of an Olympic-sized swimming pool.

3.38  To find the “needle” (or the communications that are of intelligence value), the GCSB filters intercepted material for relevance using search terms. Only those communications that meet the selection criteria are ever seen by an analyst. The GCSB has internal processes in place toensure analysts justify their use of each search term and record all searches for the purpose of internal audits and review by the Inspector-General of Intelligence and Security.

3.39 Given these controls on what information can actually be examined by analysts, in our view the GCSB’s ability to intercept sets of communications does not amount to mass surveillance. That term suggests a kind of active monitoring of the general population that does not occur. It would neither be lawful nor even possible given the GCSB’s resourcing constraints.

3.40 Capacity acts as a check on all signals intelligence agencies, although it is particularly pronounced for the GCSB given its comparatively small size. It is simply not possible to monitor communications (or other data) indiscriminately. Professor Michael Clarke, the (now retired) Director-General of the UK’s Royal United Services Institute who convened the 2015 Independent Surveillance Review, referred to this when giving evidence before the Joint Committee on the Draft Investigatory Powers Bill:97 The other great safeguard is the sheer physical capacity. One will be astonished at how little [intelligence agencies] can do, because it takes so much human energy to go down one track. The idea that the state somehow has a huge control centre where it is watching what we do is a complete fantasy. The state and GCHQ [the UK’s signal’s intelligence agency] have astonishingly good abilities, but it is as if they can shine a rather narrow beam into many areas of cyberspace and absorb what is revealed in that little, narrow beam. If they shine it there, they cannot shine it elsewhere. The human limitation on how many cases they can look at once is probably the biggest safeguard.

3.41 We also observe that there are currently restrictions on the GCSB’s ability to intercept the private communications of New Zealand citizens and permanent residents. These restrictions apply to New Zealanders anywhere in the world, not just those in New Zealand. It was clear to us from our discussions with GCSB staff and from the GCSB’s own internal policy documents that these restrictions are interpreted and applied conservatively. Far from carrying out “mass surveillance” of New Zealanders, the GCSB is unable to intercept New Zealanders’ communications even where it is for their own safety. For example, the GCSB would be unable to analyse the communications of a New Zealander taken hostage in a foreign country unless it was assisting the NZSIS, NZDF or Police under their legislation.

 

 

 

Security versus privacy

The review of our spy agencies the GCSB and the SIS has reignited the security versus privacy issue.

Ideally we need to find a way of improving security, which requires some surveillance, while strengthening the protection of personal privacy. We should be targeting simpler clearer laws, possibly with some greater powers but with greater transparency and much better independent and political oversight.

A number of related reports:

Jane Patterson at Radio NZ: Security v privacy: A balancing act

A review of New Zealand’s intelligence agencies has found the laws governing the Security Intelligence Service (SIS) and the Government Security Communications Bureau (GCSB) are clunky, inconsistent and preventing those agencies from properly carrying out their jobs.

The challenge confronting lawmakers, past and present, is how to balance citizens’ rights to living in a safe and secure country, against their rights to privacy.

She concludes:

The review has attempted to balance the rights of security against privacy by proposing stronger oversight and warranting provisions.

It is now up to the politicians to strike that balance in line with the expectations of the New Zealand public.

A look at our chief security overseer at Stuff: National Portrait: Inspector-General of Intelligence and Security Cheryl Gwyn

Gwyn is the official spy watchdog, and she bites.

Gwyn has begun a series of inquiries which ask dangerous questions about both the SIS and the other intelligence agency, the GCSB.

Did the GCSB use its powers to help former Trade Minister Tim Groser in his (unsuccessful) bid to become head of the World Trade Organisation?

Were New Zealand spies involved with the CIA’s torture of prisoners between September 2001 and January 2009?

Does the GCSB snoop on the communications of New Zealanders working or holidaying in the South Pacific?

This could be a breach of the law preventing the GCSB from bugging New Zealand citizens or permanent residents. It was the bureau’s illegal bugging of permanent resident Kim Dotcom that lit a firestorm under the GCSB.

Claire Trevett on Michael Cullen and the review: The ex-politician who came in from the cold

Cullen proved the perfect man to front the report for the Government. His own lengthy tenure as Deputy Prime Minister and Attorney-General meant he was well aware of the type of information the intelligence agencies provide, and the importance of that information for a government.

He told the spy agencies to up their game when it came to public relations if they wanted to reduce public scepticism about their role. He then proceeded to do that PR for them, running through a list of threats to New Zealand from domestic attacks to cybercrimes. He spoke of whether the GCSB could help if a New Zealander was lost at sea or taken hostage – hypothetical situations but based on actual risks New Zealand had faced.

That it also makes it harder for Labour to quibble with the recommendations put forward is almost the only the cherry on the top.

If we are to achieve better security and better privacy it’s essential for both National and Labour to work together on this without partisan sniping. They will both at times be in the most responsible position for providing security for the country and protection of us, the citizens.

Cullen on virtual merger of GCSB and SIS

The security review was forbidden from suggesting a merger of our two spy agencies, SIS and GCSB, but it has gone as far as it can in recommending much closer links between the two.

Claire Trevett: A proposed ‘civil union’ of two intelligence agencies

Sir Michael Cullen has never been one to mince words so when he was asked why he and Dame Patsy Reddy had not simply recommended a merger of the two intelligence agencies, he was blunt: it was because the Government had not allowed it under the terms of reference.

That didn’t stop him recommending what amounts to a merger in all but name, which will see the GCSB and SIS remain technically separate entities but controlled by the same legislation with very similar powers – it was, as Dr Cullen said “a civil union”.

The most controversial aspect of it is likely to be the recommendation to allow the GCSB to spy on New Zealanders without requiring a warrant to do so on the behalf of other parties. It breaks a longstanding split between the SIS and GCSB under which the GCSB could only spy on foreigners and the SIS on New Zealanders.

The examples Dr Cullen gave of the virtue of extending that to the GCSB were rather sympathetic to his own case – he spoke of a New Zealander lost at sea and said the GCSB would not be able to use its cellphone tracking technology to find that person because they were a New Zealander.

In reality the split of powers had become increasingly redundant anyway. The review team also proposed a strong authorisation process to ensure there was not indiscriminate spying. In reality that split of powers had become increasingly redundant.

Sir Michael pointed out the SIS had the power to spy domestically but the GCSB had the technology to do so. In terms of the difference in the technology between the two, he said “it’s really a question of can you use Snicko and Hawkeye or can’t you in order to establish whether there was a no ball?”

Dr Cullen argued it was not a vast expansion of powers, but rather an attempt to clear up the current conflict for the GCSB. The legislation covering the GCSB already allows it to spy on behalf of other agencies with a warrant. One of Dr Cullen’s more surprising admissions was that despite the attempt to change the GCSB’s legislation to specify when it could spy on New Zealanders, the GCSB had only become more hesitant to do so. That happened after it was found to have unlawfully spied on more than 100 people due to confusion over its powers when acting on behalf of other agencies.

Dr Cullen said the GCSB and it had become overly cautious in the wake of that controversy to an extent it was impacting on its work. That had, he argued, almost put the Government in a position of failing in its duty to protect the lives of New Zealanders.

In short the review recommends a simplification of multiple laws, clarification of what powers the SIS and especially the GCSB have, and better oversight.

If the recommendations are followed – and they will need the approval of both National and Labour at least – it could leave two separate agencies but in practice sets up a virtual merger.

Balancing the need for effective security with the privacy of individuals will continue to be contentious.