Treasury hacked: major security threat
By Richard Harman (author)
There was speculation in Wellington last night that the “systematic and deliberate” hacking of Treasury may be separate from the Budget leaks revealed by National.
One scenario being suggested by authoritative sources familiar with the intelligence services was that in the process of investigating who had leaked details of the Budget to National, investigators, (presumably from the GCSB) found a bigger and possibly more damaging hack of Treasury’s computer systems.
Certainly, National MPs last night from across the factions in Caucus were adamant that their Leader, Simon Bridges, had done nothing illegal.
Bridges himself tweeted: “The National Party has acted entirely appropriately. @grantrobertson1 has falsely smeared us to cover up his and The Treasury’s incompetence. When what has occurred is revealed, he will need to resign.”
But Treasury’s statement last night pointed to more than just the acquisition by National of overall spending plans from the Budget.
“The Treasury has gathered sufficient evidence to indicate that its systems have been deliberately and systematically hacked,” Treasury Secretary, Gabriel Makhlouf said.
“The Treasury has referred the matter to the Police on the advice of the National Cyber Security Centre.”
The only claim linking the Treasury hack to the National leak was in a statement from Finance Minister Grant Robertson.
“This is extremely serious and is now a matter for the Police,” it said.
“We have contacted the National Party tonight to request that they do not release any further material, given that the Treasury said they have sufficient evidence that indicates the material is a result of a systematic hack and is now subject to a Police investigation.”
But that is not what the Treasury statement said.
Robertson is expected to do media interviews this morning as is Bridges and more detail may emerge from them.
In last year’s GCSB annual report, its Director General, Andrew Hampton said New Zealand organisations continued to be subject to both direct and indirect cyber threats, and “are being used as staging points by threat actors to target systems in other countries.”
The report said that the GCSB had confirmed that of three international malicious cyber attacks, two had been carried out by Russia
And if there has been a substantial cyber hacking of Treasury, Russia will be high on the suspect list.
But North Korea has also been identified as a source of hostile cyber attacks.
One source familiar with Five Eyes work told POLITIK last night that New Zealand Government departments were constantly targeted by hackers.
The question will be whether whoever hacked into Treasury was able to use that access to get into other departments.
The GCSB is developing a New Zealand Top Secret Network to link sensitive government departments but whether this is yet operational at Treasury is not known.
There were suggestions on Twitter last night that the documents produced by the National Party may have been easily available from a Google search which would have led to a Treasury site where some Budget documents were cached.
The left-wing blogger Idiot/Savant tweeted: “It seems Treasury put the whole Budget on the web for anyone to find. Accessing it isn't "hacking", any more than downloading anything else from any other public directory is … The good news for Treasury is that it doesn't seem to have been captured by the WayBackMachine. But this is their fuckup, not a crime.”
Bot Robertson and Bridges were last night trying to lay political blame on the other over the whole affair.
The documents that Bridges has were not of such substance as to require any resignations or punitive actions; leaks like that happen with every Budget.
In 2015, for example, POLITIK was briefed by people who had seen the Budget on National’s plans to launch a child poverty initiative.
A substantial hack into Treasury might be a different story and could involve questions being asked not only of the Treasury Secretary, the Minister but also the Minister in Charge of the GCSB, Andrew Little.
Presumably more will become clear this morning.