Spying, surveillance and CORTEX are back in the news. By way of background, recall the revelations that emerged just prior to the 2014 election at Dotcom’s flawed “Moment of Truth” (NEW ZEALAND LAUNCHED MASS SURVEILLANCE PROJECT WHILE PUBLICLY DENYING IT). Here’s The Guardian summary:
- Documents provided by the whistleblower Edward Snowden reveal that the New Zealand government worked to implement a secret mass surveillance program code-named “Speargun” throughout 2012 and 2013.
- It followed an admission at the weekend by the New Zealand prime minister, John Key, that his government considered a mass-spying proposal after a series of cyber attacks. Key says the proposed surveillance made him “uncomfortable” and that he halted it in March 2013.
- Edward Snowden has weighed in, warning New Zealanders that he was personally able to search their intercepted internet traffic while working as an NSA analyst in Hawai’i. “If you live in New Zealand, you are being watched,” he wrote.
- Key responded by releasing his own declassified documents, which he says prove that no mass spying ever took place.
- Snowden has appeared via live stream at Moment of Truth, an Internet party event at Auckland Town Hall intended to publicise the Speargun revelations. Snowden told the audience that the NSA’s reach extended even to Auckland, where he claimed the agency operated a spy facility.
In trying to confuse and deflect the attention in surveillance tool Speargun, Key hastily released some details of a different tool, CORTEX. This raised many interesting questions. More of CORTEX below.
Round 2 on surveillance occurred earlier this year, with further revelations in the “Snowden Files”, as reported in The Herald by Nicky Hager and Ryan Gallagher, for example Snowden revelations / The price of the Five Eyes club: Mass spying on friendly nations. And let’s not forget David Fisher’s scoop on spying for Tim Groser’s failed WTO job bid, GCSB spies monitored diplomats in line for World Trade Organisation job.
Fast forward to today and CORTEX is back in the news. David Fisher:
GCSB ‘Cortex’ system aimed at ISPs
The “Cortex” system Prime Minister John Key made public to counter claims of mass surveillance of New Zealanders is now being aimed at the internet service providers handling the emails and online data of everyday Kiwis.
But the Government Communications Security Bureau said Kiwis’ Twitter communications were safe, with the “eligible” internet service providers (ISPs) carrying less than 1 per cent of the country’s internet traffic. Of that, it was expected 1 per cent at most of that traffic would contain suspect cyber activity and only 0.01 per cent to 0.5 per cent would be seen by a GCSB analyst alerted by an automated system.
The details were published on the GCSB website ahead of an expected announcement today by Communications Minister Amy Adams of a new cyber security action plan.
The details on the GCSB website say it is carrying out a “malware free networks” pilot with an ISP which could later be rolled out to others. It says it is not compulsory for ISPs to join and ISPs are obliged to tell customers their data is being screened.
However, it also says ISPs are not allowed to name the GCSB as being involved because doing so could give hackers a signpost to valuable targets.
It rejected any suggestion it is “mass surveillance”, saying it had an automated searching function to sniff out malicious traffic.
However, it also conceded that a rare set of circumstances could lead to GCSB staff reading people’s emails. In those cases, “all a GCSB analyst would be looking for in an email is evidence of malicious cyber activity”. …
Some pretty odd comments from the GCSB there, but never mind, it seems clear that new measures will be put in place. So is CORTEX in fact benign malware protection, or is it a Trojan horse for more? I have no way of knowing of course. But these comments in the NBR in September make me ponder:
Early successes for Cortex have included helping a government agency mitigate an attack on several officials’ emails, aiding six significant organisations recover from a newly identified source of cyber attack and detecting large-scale targeting of a nationally significant entity as part of a global campaign by a foreign threat, [acting GCSB director] Jagose said. It also helped an Auckland firm recover from overseas criminal attack, resolved a long-term compromise in a large information technology firm, helped a telecommunications provider respond and strengthen systems after suspicious activity on its network, and assisted private sector firms facing ransomware attacks.
Those claimed successes, if indeed a result of CORTEX, while vague, seem to go well beyond simple malware detection and prevention, and in to quite broad analysis of content.
Given this government’s record of secrecy, lies, and misuse of surveillance, I think we the people would be naive to believe that CORTEX and other aspects of the proposed “cyber security action plan” are anything less than another escalation of the surveillance of New Zealanders.
Final footnote – Key long ago withdrew his promise to resign if there was mass surveillance.