Related:
19 April 2015,
New Zealand Herald: Leaked papers reveal NZ plan to spy on China for US
April 2013,
New Zealand Herald: NSA/CSS: Information Paper: NSA Intelligence Relationship with New Zealand (PDF)
https://firstlook.org/theintercept/2015/04/18/new-zealand-china-gcsb-nsa-auckland-hack/
New Zealand Plotted Hack on China With NSA
By Ryan Gallagher and Nicky Hager
18 Apr 2015
New Zealand spies teamed with National Security Agency hackers to break into a data link in the country's largest city, Auckland, as part of a secret plan to eavesdrop on Chinese diplomats, documents reveal.
The covert operation, reported Saturday by New Zealand's Herald on Sunday [1] in collaboration with The Intercept, highlights the contrast between New Zealand's public and secret approaches to its relationship with China, its largest and most important trading partner.
The hacking project suggests that New Zealand's electronic surveillance agency, Government Communications Security Bureau, or GCSB, may have violated international treaties that prohibit the interception of diplomatic communications.
New Zealand has signed both the 1961 Vienna Convention on Diplomatic Relations and the 1963 Vienna Convention on Consular Relations, international treaties that protect the "inviolability" of diplomatic correspondance. The country's prime minister, John Key, said in a recent speech [2] on security that New Zealand had an obligation to support the rule of law internationally, and was "known for its integrity, reliability and independence."
Last year, Key said [3] that New Zealand's relationship with China, worth an estimated $15 billion in annual two-way trade, had "never been stronger." The relationship was not just about "purely trading," he said. [4] "It is so much broader and much deeper than that."
In 2013, Key described [5] a meeting with top Chinese officials in Beijing as "extremely warm" and told of how he was viewed as a "real friend" by the country's premier, Li Keqiang.
At the same time, as minister in charge of the GCSB, Key was overseeing spying against China -- which included the top-secret planned operation in Auckland, aimed at the Chinese consulate.
The hacking project is outlined in documents obtained by The Intercept from NSA whistleblower Edward Snowden.
A secret report called "NSA activities in progress 2013," includes an item [6] titled "New Zealand: Joint effort to exploit Chinese MFA [Ministry of Foreign Affairs] link." The operation, according to another NSA document, [7] had "identified an MFA data link between the Chinese consulate and Chinese Visa Office in Auckland," two buildings about a five-minute walk apart on the city's busy Great South Road.
The document added that the New Zealand agency was "providing additional technical data" on the data link to the NSA's Tailored Access Operations, [8] a powerful unit that hacks into computer systems and networks to intercept communications. The agencies had "verbally agreed to move forward with a cooperative passive and active effort against this link," it said.
Passive surveillance refers to a method of eavesdropping on communications that intercepts them as they are flowing over Internet cables, between satellites, or across phone networks. Active surveillance is a more aggressive tactic that involves hacking into computers; in the case of the Auckland operation, active surveillance could have involved planting spyware in the Chinese government computers or routers connected via the consulate data link.
The documents do not reveal whether the operation was successfully completed, due to the timeframe that the records cover. In May 2013, Snowden left his Hawaii-based intelligence job and flew to Hong Kong carrying the cache of secret files. In April 2013, shortly before Snowden's departure, "formal coordination" [9] on the hacking plan had begun between the NSA and its New Zealand counterpart, according to the documents.
More New Zealand operations targeting China appear to have been ongoing at that time. In another April 2013 NSA document [10] describing the agency's relationship with New Zealand spies, under the heading "What partner provides to NSA," the first item on the list is "collection on China." New Zealand's GCSB surveillance agency "continues to be especially helpful in its ability to provide NSA ready access to areas and countries that are difficult for the United States to access," the report said.
China intelligence is handled inside the New Zealand agency by a special section that focuses on economic analysis. According to sources with knowledge of the agency's operations, its economic section, known as the "IBE," specialized in Japanese diplomatic communications from 1981 until the late 2000s. In recent years its focus has shifted to intercepted Chinese communications, the sources say.
In response to the revelations, a spokesperson for the Chinese Embassy in New Zealand told the Herald on Sunday that the country was "concerned" about the spying. "We attach great importance to the cyber security issue," the spokesperson said, adding that "China proposes to settle disputes through dialogue and formulate codes to regulate cyber space behaviors that are acceptable to all sides."
China itself is known to be a major perpetrator of espionage on the global stage, and it has been repeatedly [11] accused [12] by the U.S. government of hacking into American computer networks. Last year, China was linked [13] to an apparent intelligence-gathering hack on a powerful New Zealand supercomputer used to conduct weather and climate research.
But the Snowden documents have shown that countries in the so-called "Five Eyes" surveillance alliance -- which includes New Zealand, the United States, the United Kingdom, Canada and Australia -- are also heavily involved in conducting aggressive spying and hacking operations across the world.
Previous revelations have detailed how agencies in the alliance have hacked law-abiding companies, [14] [15] [16] foreign government computers, [17] and designed technology to attack [18] and destroy [19] infrastructure using cyberwar techniques. Last year, The Intercept revealed [20] how the NSA had developed the capability to deploy millions of malware "implants" to infect computers and steal data on a large scale.
The NSA, the GCSB and the New Zealand prime minister's office each declined to answer questions about this story.
GCSB's acting director, Una Jagose, said in an emailed statement that the agency "exists to protect New Zealand and New Zealanders." She added: "We have a foreign intelligence mandate. We don't comment on speculation about matters that may or may not be operational. Everything we do is explicitly authorised and subject to independent oversight."
[1]
http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11434886
[2]
https://www.national.org.nz/news/news/media-releases/detail/2014/11/04/speech-to-nz-institute-of-international-affairs
[3]
https://www.national.org.nz/news/news/media-releases/detail/2014/03/19/china-and-nz-set-ambitious-new-trade-goals
[4]
http://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=11361769
[5]
http://www.stuff.co.nz/national/politics/8534978/New-co-operation-agreements-with-China
[6]
http://media.nzherald.co.nz/webcontent/infographics/357/Snowden3.png
[7]
http://media.nzherald.co.nz/webcontent/infographics/357/Snowden5.png
[8]
http://foreignpolicy.com/2013/06/10/inside-the-nsas-ultra-secret-china-hacking-group/
[9]
http://media.nzherald.co.nz/webcontent/infographics/357/Snowden5.png
[10]
https://www.documentcloud.org/documents/1874071-nzodni-bang.html
[11]
http://thehill.com/policy/cybersecurity/231998-obama-security-plan-highlights-chinese-cyber-espionage
[12]
http://www.reuters.com/article/2014/10/15/us-usa-cybersecurity-china-idUSKCN0I42MU20141015
[13]
http://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=11262300
[14]
https://firstlook.org/theintercept/2015/02/19/great-sim-heist/
[15]
https://firstlook.org/theintercept/2014/09/14/nsa-stellar/
[16]
https://firstlook.org/theintercept/2014/12/13/belgacom-hack-gchq-inside-story/
[17]
http://www.spiegel.de/international/world/nsa-hacked-email-account-of-mexican-president-a-928817.html
[18]
https://firstlook.org/theintercept/2015/03/23/canada-cse-hacking-cyberwar-secret-arsenal/
[19]
http://www.spiegel.de/international/world/new-snowden-docs-indicate-scope-of-nsa-preparations-for-cyber-battle-a-1013409.html
[20]
https://firstlook.org/theintercept/2014/03/12/nsa-plans-infect-millions-computers-malware/