ITP Techblog

Brought to you by IT Professionals NZ
« Back to Security & Privacy

Brislen on Tech: NZ's Cyber Spies

Paul Brislen, Editor. 07 August 2020, 10:00 am

The first time I contacted the Government Communications Security Bureau was as a junior reporter and I rang to ask for confirmation of something. The phone was answered by a woman's voice who said "What?" Needless to say I did not get my answer.

These days the GCSB is an entirely different beast. It's no longer hiding in plain sight pretending those giant golf ball satellite tracking domes in the South Island don't exist. Instead, the director general, currently Andrew Hampton, holds public information sessions, the organisation offers scholarships and a graduate programme and the bureau is accountable to parliament and to the Inspector-General of Intelligence. It has an annual report which is freely available for all to see.


This is just as well because the GCSB's primary role is intelligence gathering of the type that used to be known as SIGINT or "signals intelligence". During the Cold War that meant listening in to satellite communications to determine where submarines were (or something like that) and what those Soviet fishing vessels were really saying back home.

Today it's potentially much more invasive at the most fundamental level - gather intelligence from digital communications which, as we all know, make up well north of 99% of our daily trade.

It has a remit to review telecommunications network deployments, help shore up New Zealand's response to cybersecurity incursions, support New Zealand Defence Force personnel as they operate around the world, support police and the NZSIS in intelligence gather of the more classic type and can do this using a range of tools and capabilities that would be illegal in any other organisation's hands.

The purpose of the GCSB under the Intelligence and Security Act of 2017 is "to protect New Zealand as a free, open and democratic society" and that can often mean protecting our national security, our international relations and our economic wellbeing.

The ISA came into being after an extensive review found the legislation of the day was inadequate for the work being done and also, more crucially, for the public expectations of the work being done.

All of which means our new look intelligence agency is really less than five years old and learning on its feet.

I spent an afternoon with Andrew Hampton this week at the GCSB's invitation. He was to give a presentation to the New Zealand Institute of International Affairs (NZIIA) in Wellington and a crowd of around 200 people showed up. My job was to ask leading questions and coordinate the back and forth with the audience, which was relatively straightforward given this was Wellington and they're well used to such events.

The modern GCSB is set up and run as any other government department. It is a public service agency, with obvious and understandable lines of accountability. The Privacy Commissioner can investigate actions the bureau takes. Citizens can send it Official Information Act requests and warrants for intelligence gathering need to be signed off by both the minister responsible and a Commissioner for Security Warrants - typically a retired High Court Judge who will ask awkward questions and demand accountability.

Building trust in the GCSB's operations is a key part of Hampton's role and he says he does this primarily through being as transparent as possible about the threats New Zealand faces and how the GCSB responds to them.

Alongside the geopolitical and military support roles, the GCSB focuses on counter terrorism, tackling transnational organised crime and cybersecurity matters. The bureau has been challenged on its role in supporting New Zealand troops, particularly in Afghanistan and whether or not GCSB played a role in the Operation Burnham incident in particular.

It has also been challenged on whether the bureau was focused on the right people and activities or not to prevent the Christchurch mosque attacks and what it will be doing around domestic terrorism in future. This is particularly interesting since the GCSB is supposed to be looking out from New Zealand and doesn't have a role in mass surveillance of New Zealanders. Such activity, if the inquiry into the shootings finds it is necessary, would require a new phase of the GCSB's existence.

But for now the agency operates through a range of capabilities. It can intercept high frequency radio transmissions, satellite communications and has legal authorisation to access information infrastructures (telecommunications networks to you and me) when it is legally authorised to do so.

Of course, much like the rest of us, the GCSB has been impacted by COVID-19 and while the spies weren't working from home (or remotely) on classified information (that's restricted to certain secure locations) they were able to work remotely for a large swathe of the non-classified work. This "low side" work includes preparing reports, doing expense reports, answering emails and writing up presentation slides, but also more important work such as monitoring for cybersecurity issues.

All of which is to say two things: the GCSB is now exploring a hybrid work environment that will allow staff to take the best of pre-COVID and post-COVID working styles where possible, and even spies have to do expense reports, which both pleases and annoys me.

Cybersecurity is a major facet of the GCSB's work these days and is an area of growth. Extra funding in recent budgets means the bureau is on the lookout for staff and has a constant recruitment drive underway at all levels, from graduate to experience professionals. It doesn't, however, mean the GCSB will be following its Australian counterpart's lead and building an offensive capability, says Hampton. Instead the agency will continue to focus on prevention and detection from a classically defensive posture.

Part of that remit is to review and support activity around protection for our elections and while that doesn't mean monitoring social media it does mean keeping a close eye out for foreign interference of any form. Hampton does say, however, that he's not a fan of the idea of online voting, at least not yet.

The GCSB plays another key role - that of arbiter of security in our telecommunications network - and has famously rejected Spark's 5G rollout proposal because of its use of Huawei kit.

While the US and UK governments both kick Huawei out of all telco work (and the US goes one step further and starts rejecting all Chinese companies from US soil), New Zealand has taken a different approach. The Telecommunications Interception Capability and Security Act gives the Bureau the power to approve or block deployment of networks in New Zealand on a case by case basis and it has reviewed more than 500 applications since the Act came into force in 2014. Almost all of them are resolved by the telcos re-working the proposal and coming up with a way round whatever issues the GCSB has. Ultimately though it isn't the GCSB that decides - telcos can appeal to the Minister (in this case, Andrew Little) who must take into account the GCSB's reasoning but also seek input from other areas of government - economic, social, competition and so on. At the end of the day it's a political game, after all.

So what keeps him awake at night? Not a lot, he told the audience, but one thing does and it's not encryption, which he says he fully supports and which plays a very important role in our modern lifestyles.

What keeps Hampton awake is the idea of quantum computing and the potential that someone will make a leapfrog discovery that unlocks such capability before the rest of the world can catch up. At that point all secrets are pulled out into the sunlight whether we want them to be or not.

What struck me most about my afternoon with the GCSB was that we left the offices and walked for five minutes to the University of Victoria building where the presentation was to take place chatting amiably. There was no security detail, nobody shouted or ranted, we loitered in the lobby of the building waiting for the previous lecture to finish and spent an hour or so showing slides and discussing the issues of the day in a public forum.

This is what the GCSB is here to protect, I suspect - this Kiwi way of life. And long may it continue.


You must be logged in in order to post comments. Log In

Web Development by The Logic Studio