SPOOKY BITS
- Bob Leonard
NZ: Computer Hacking
Hacking into somebody else’s computer is a gross
invasion of electronic privacy and a serious problem for business and
Government, not to mention the private citizen. A recent article in the Weekend Herald (22-23/9/01) described
sustained cyber-attacks “…on one of the country’s critical companies” (probably
Telecom). In order to combat the “cyber-terrorists” (there’s that word again)
the Government is adding more than $1 million to the budget of the Government
Communications Security Bureau. The GCSB will set up the Centre for Critical
Infrastructure Protection to warn important infrastructural and Government
agencies about various types of cyber-attack. What the article doesn’t tell us
of course is that the GCSB itself and the Security Intelligence Service (SIS)
engage in hacking for Intelligence purposes. In other words, if it can be done,
the spooks will do it in the name of protecting the national interest and
security (refer to Peace Researcher 23,
June 2001, p6 for a detailed discussion of the so-called Swain Bill which makes
Government hacking “legal”).
As usual NZ is dutifully following Big Brother
America in all this. An article in the Montreal
Gazette (6/10/01) by Alex Roslin discusses “Hackers on the payroll of the
US security agencies”. “No government agency in Canada or the US has
acknowledged that it employs hackers to break into computers. That information
is secret because the targets of ‘computer exploitation’ are not just
terrorists like bin Laden and hostile states.
The targets can just as easily be citizens
at home, trade negotiators and diplomats from friendly countries, or foreign
businessmen (sic) bidding against a domestic company”. (Emphasis added).
Sound familiar? This of course has been the business of the GCSB for years
using satellite spying.
Our recent visitor from Canada, ex signals
intelligence (SIGINT) officer Mike Frost (see report elsewhere in this issue),
is credited in the Montreal article as giving (in his book “Spyworld”) the only
inside account of the US National Security Agency (NSA)’s Special Collection
Service at College Park, Maryland. The Special Collection Service may well
served, in part, as a model for the GCSB’s new computer hacking role, but is
far broader in its scope: “The Service
was set up in the late 1970s to combine the physical penetration skills of the
Central Intelligence Agency (CIA) with the technical expertise of the NSA, and
is jointly run by both agencies, said Washington DC Intelligence analyst, John
Pike. ‘It’s the black bag, breaking and entering, Mission Impossible-type
agency’. There is no doubt both the NZ
Centre and the GCSB are involved in HACKINT, or “endpoint collection” directly
from computers via hacking. “Intelligence historian James Bamford calls it ‘the
most profound change in the history of signals intelligence’”.
In sum, the GCSB’s Centre for Infrastructure
Protection purports to protect NZ agencies against computer hacking, while the
Swain Bill confers on the GCSB the “legal” right to engage in hacking itself.
It’s a neat package that will further defy any chance of control of abuses or
effective oversight by Parliament.
Mere days after the September 11 terrorist atrocities in the US (the greatest Intelligence failure in modern history) the NZ SIS announced to the world that it had established an 0800 number for people to ring and give the spooks information “which could help defeat international terrorism” (press release, 14/9/01, Helen Clark, Minister in Charge of the SIS, and Richard Woods, SIS Director). We can just imagine the sort of calls they would have got in December: “There’s this strangely dressed bearded fellow trying to get down our chimney”. Then again, what a pity that the number didn’t exist in 1996. Upon discovering suspicious strangers thrashing about in the bushes outside Aziz Choudry’s house, David Small could have rung the SIS to report them. “Oh, I’m sorry, they’re yours, are they? That must be all right then”.
Australia’s counterpart to the American CIA and Britain’s MI6 is the Australian Security Intelligence Organisation (ASIO). In the wake of September 11, ASIO will be getting new powers that are truly alarming: powers of arrest and detention for up to 48 hours; the removal of the right to silence when being questioned; the creation of terrorist offences and related legislation violating the rights of freedom of expression, assembly and association.
New Zealand’s pending Terrorist Suppression Bill (see article elsewhere in this issue) is mild indeed compared to the draconian Aussie bill. Canada and Britain, and of course the US, are following similar paths. The suspensions of civil liberties and human rights, mostly using racial and non-citizen profiles, are broad and mindless. The US Patriot Act is already in effect and has resulted in the detention of hundreds of people who have yet to be charged with any offence and with no apparent limits on the duration of detention. But ASIO’s new powers may be unique in that spies usually do not have police power. Spies are supposed to spy and gather Intelligence. Our GCSB and SIS are bad enough. But at least, thus far, we lack an agency like the CIA or MI6 capable of meddling directly in the affairs of other countries. But the direction of recent legislation appears to be moving in that direction (see the comprehensive overview of NZ’s recent legislation elsewhere in this issue.)
We have the
SIS; Britain has MI5, not to be confused with MI6 (see above). MI5 is a
domestic Intelligence agency charged with the collection of information on
people in Britain, ostensibly to aid in the defence of national security
(that’s what all good spies are for, of course). So MI5 would be expected to hold
screeds of information on many British citizens. In a recent blow for freedom
of information, a rarity in the UK, MI5 must now own up to holding files on
individuals. This remarkable ruling was reported by Richard Norton-Taylor in an
article in the Guardian
(2/10/ 01):
“In a landmark decision, a special panel of the new Information Tribunal quashed a claim by Jack Straw, when he was Home Secretary, that MI5 should never admit to holding files on an individual, even when the disclosure would not damage national security.
“The test case
was brought by Norman Baker, Liberal Democrat MP for Lewes, who was involved in
environmental groups in East Sussex in the 1980s. Last year he asked the
security service if it held a file on him, and received a letter purporting to
be from a serving MI5 officer signing himself The Mechanic. The letter told Mr
Baker that his request had caused a crisis in MI5…. The anonymous letter also
claimed that Mr Baker’s file listed him as a Greenpeace supporter.”
In short, a
file did indeed exist on Baker and the longstanding blanket ban on revealing
the existence of such files has been lifted. But that’s as far as it goes. “…anyone wishing to find out what MI5 has on
them will still face procedural hurdles…” most likely including court
challenges on a case by case basis.
------------------------------------