A police investigation into ‘stolen’ or ‘leaked’ emails from the Leader of the Opposition’s office reveals just how slack so-called computer security can be… until we have reason to beef it up. I bet they’re more security-conscious now!
“While it is accepted by the experts interviewed that external hacking can never be fully eliminated, ‘hacking’ of the Parliamentary Services computer is not considered to be how the offence was committed,” the investigation report stated.
It suggested two ways in which the emails might have been obtained – Dr Brash may have been using an “auto forward” function on his email accounts, or someone else had used computers or laptops that had access to them.
The investigation found gaps in security access to Parliament’s third floor, meaning there were opportunities to grab sensitive documents in electronic or hard copy form.
It noted that Dr Brash printed documents at night to collect in the morning and left documents in his out-tray for shredding, which was not attended to regularly.
He and an associate, whose identity is protected in the report, left their laptops unattended while logged on.
The report quoted computer company Axon’s service delivery manager, Deborah Clarke, as suggesting attitudes towards security in Parliament were too relaxed. “They want all the security in the world but they’re not prepared to live through the fundamentals of doing what you have to do to make sure you maintain security,” she said. “So they don’t let us implement complex passwords.”
From the NZ Herald
Footnote: Of course, Dr Brash wouldn’t have had to resign if the contents of the leaked/stolen emails wasn’t so politically damaging. Crikey dick, it wasn’t Nicky Hager’s book The Hollow Men that destroyed Brash’s political career. It was just the truth about those communications (or a version of it) coming out!