Snowden Blasts New Zealand Surveillance

Prime Minister Dismisses the Accusations
Snowden Blasts New Zealand Surveillance
New Zealand Prime Minster John Key

The government of New Zealand launched a cybersecurity program and used it as a cover for conducting mass surveillance on its citizenry - including intercepting and retaining copies of all e-mails, text messages and Internet traffic, a new report alleges. But New Zealand Prime Minster John Key has dismissed those assertions, which were based, in part, on newly leaked documents from former U.S. National Security Agency contractor Edward Snowden, saying the program was limited to strengthening the country's cybersecurity.

See Also: User Entity & Behavior Analytics 101: Strategies to Detect Unusual Security Behaviors

Snowden quickly criticized Key's assertions, saying that during his time as an intelligence analyst with top-secret clearance, he'd seen New Zealand's active participation in mass surveillance programs.

The claim that the government has been running a mass-surveillance program was made in a report released by The Intercept, which references the leaked U.S. government documents to reveal the existence of a New Zealand program, code-named Speargun and run by the country's Government Communications Security Bureau (GCSB) signals intelligence agency. Speargun reportedly involved two phases, beginning with "covert installation of 'cable access' equipment, which appears to refer to surveillance of the country's main undersea cable link, the Southern Cross cable," The Intercept reports, followed by a second phase in which "metadata probes" were attached to the cables. According to leaked NSA documents, the metadata probes were scheduled to come online in "mid-2013."

"The technique is almost by definition a form of mass surveillance; metadata is relatively useless for intelligence purposes without a massive amount of similar data to analyze it against and trace connections through," reports The Intercept. Or as reporter Glenn Greenwald told New Zealand television program The Nation prior to releasing the documents, they provided evidence of "mass indiscriminate spying" on the country's residents, as part of the government's active participation in the Five Eyes spying program, together with Australia, Canada, the United Kingdom and the United States, reports the country's 3 News.

Government Dismisses Claims

But New Zealand Prime Minister Key, anticipating that details about Speargun would be made public, said in media interviews before the release of the documents that the program in question was designed to be a "mass cyber protection" system, including scanning all Internet communications into the country for the presence of malware. He also said that while GCSB had proposed a mass surveillance program, he dismissed the agency's proposal as being too broad, and returned it to the drawing board.

"There is no mass surveillance of Internet users undertaken by the GCSB," Key said Sept. 14 in an interview with NZTV.

The New Zealand government also published a number of declassified government documents - including multiple minutes of cabinet meetings - showing that the government instead pursued a program, code-named CORTEX, designed to counter "advanced cyberthreats" targeting the country and its online infrastructure.

Snowden Responds

Wading into the debate, Snowden begged to differ. "Let me be clear: any statement that mass surveillance is not performed in New Zealand, or that the Internet communications are not comprehensively intercepted and monitored, or that this is not intentionally and actively abetted by the GCSB, is categorically false," he says in an Incercept opinion piece published Sept. 15. "If you live in New Zealand, you are being watched."

Snowden says that while working as an intelligence analyst for the NSA in Hawaii, he regularly encountered data that had been collected by all participants in the Five Eyes program, and notes that GCSB actively participated in the development of the metadata surveillance program known as XKEYSCORE. "It allows total, granular access to the database of communications collected in the course of mass surveillance. It is not limited to or even used largely for the purposes of cybersecurity, as has been claimed, but is instead used primarily for reading individuals' private e-mail, text messages, and internet traffic."

Snowden's commentary will no doubt further polarize what's now a very public debate about mass surveillance, which has already seen Greenwald travel to New Zealand to announce the unveiling of the GCSB documents, which he previewed in media interviews over the weekend. According to Greenwald, New Zealand built Speargun in 2012 and 2013, at the same time that Key claimed he'd prevented the program from moving forward.

Greenwald was also in New Zealand to participate in a "moment of truth" panel event organized by Mega file-sharing service chief Kim Dotcom, who's also the founder of the country's Internet party, ahead of the country's upcoming Sept. 20 national elections.

But Prime Minister Key accused "Kim Dotcom and his little henchmen" - referring to Greenwald and Snowden - of attempting to disrupt those elections. "They're a bunch of conspiracy theorists who don't have the responsibility that I have."

WikiLeaks Leaks FinFisher Malware

The allegations of the New Zealand government's mass surveillance program come as WikiLeaks has leaked what it has billed as "previously unseen copies of weaponized German surveillance malware used by intelligence agencies around the world to spy on journalists, political dissidents and others." Dubbed "The Spyfiles 4," WikiLeaks says the FinFisher malware detailed in the documents can intercept and monitor communications and data from Windows, Apple OS X and Linux computers, as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices.

Until last year, FinFisher - based in Germany - was part of the U.K.-based Gamma Group. "WikiLeaks estimates FinFisher's revenue from the sales of spyware to amount to around ��50 million" - or about $65 million - Mikko Hypponen, chief research officer at Finnish anti-virus firm F-Secure. Hypponen, who's been a vocal critic of the NSA and Five Eyes surveillance programs, says F-Secure's antivirus is designed to detect and block all FinFisher-related infections.

"FinFisher continues to operate brazenly from Germany selling weaponized surveillance malware to some of the most abusive regimes in the world," says WikiLeaks chief Julian Assange in a statement. "This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers."

A customer list for the software, released by WikiLeaks, includes a number of police agencies and governments, ranging from Australia and Bahrain to Pakistan and Qatar.

"I wonder how you justify yourself when 'selling spyware to law enforcement' crosses the line into 'selling spy tools to thugs'?" says Johns Hopkins University cryptography expert Matthew Green.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.