Category Archives: Australia

Sensitive personal data of hundreds of visa applicants accidentally leaked in email mishap

The personal health information of 317 people applying for Australian visas was accidentally emailed to a member of the general public, an ABC investigation has revealed.

Key points:

  • 317 names, dates of birth, passport numbers and medical test notes were sent to an unknown Gmail address
  • The subcontractor was removing data from secure Immigration Department systems, against government policy
  • Subcontractors are increasingly relied upon to handle sensitive public data

‘Tens of thousands’ of Australian firms may be affected by Chinese huge hack attack

One of the nation’s top cyber security officials has warned that “tens of thousands” of Australian companies could have been compromised by Chinese intelligence services’ hacking of major global technology firms.

“It’s the biggest and most audacious campaign I’ve seen,” said Alastair MacGibbon, the head of the government’s Australian Cyber Security Centre.

Australians need to think about doing this immediately to protect their heath data records

A NEW system of digitised, comprehensive medical records for everyone in this country is set to come into effect shortly but Australians are being warned about potential privacy and security issues.

The Federal Government’s new My Health Record system will create a personal medical history file for every Australian.

People’s medical records will be stored on a national database under the scheme, to be viewed by patients, doctors and other medical staff at any time. That is, unless you opt out – which you can do for a three-month period beginning today.

Government’s plan to spy on all Australians exposed in leaked letters

It may shortly be far easier for government spies to access your private data. Photo source: Pixabay

We’re constantly being advised to protect our data and information online, but it turns out there may be even a greater threat & cause for concern.

An exclusive report by The Sunday Telegraph reveals our online data may not even be safe from the Australian Government. Australian citizens may soon be subjected to secret digital monitoring by the top cyber spy agency in the country with no warrant rerquired for accessing all your info when they feel like it.

This means everything from text messages to emails and even bank statements could be accessed in secret under the radical new proposed plan. The Sunday Telegraph viewed the secret letters between the heads of Department of Home Affairs and Defence. The letters detail possible new powers for the Australian Signals Directorate (ASD).

As the current rules stand, intelligence is not to be produced on Australian citizens. Having said that, the Australian Federal Police and domestic spy agency ASIO can investigate people with a warrant and also seek help from the ASD if needed in what are deemed to be extreme cases.

If the proposal is passed, it would be up to Defence Minister Marise Payne and Home Affairs Minister Peter Dutton to allow spying to occur. Furthermore, they could approve cases without Australia’s top law officers being aware of it.

The Sunday Telegraph believes Dutton hasn’t yet presented Payne with any formal proposals for changes to the legislation. If passed though, spies would be given permission to secretly access information relating to an Australian citizens’ financial data, health information and phone records. A change in law would mean it’s also illegal for government agencies and private businesses to hold back any information that could hinder the security measures.

The Sunday Telegraph believes the reason for the data crackdown would be to stop terrorism, child exploitation and other serious crimes being conducted both here in Australia and overseas.

Several times in recent months online data and its safety has made headlines. Earlier this year, Facebook came under fire for breaching privacy data rules. As it stands, anything you share or access online remains there, even if you delete it.

This means any photos, emails, website history, online comments and videos you upload or view are stored away somewhere in cyberspace. Worryingly, any information shared on a social media platform such as Facebook will remain with the company, even if your profile is deleted.

What are your thoughts? Have you concerns that your private information could be secretly accessed by spies and the government? Do you think it’s really to protect Australians, or just another feeble excuse for the government to gain more information about us? Big brother is going too far this time one would think. Write to your MP.

Henry Sapiecha

ASIO restructuring strategy and resources in the face of cyber threat

The country’s intelligence agency has aligned its resources to focus on the growing threat of cyber espionage targeting ‘a range’ of Australian interests.

In the wake of accusations from United States intelligence agencies that Russia hacked into Democratic Party emails, thus helping Donald Trump to election victory last year, a report from Australia’s intelligence agency said the country’s national security resources are focused on preventing foreign threat actors from “targeting a range of Australian interests”.

In its 2016-17 Annual Report [PDF], the Australian Security Intelligence Organisation (ASIO) explained that Australia continued to be a target of espionage and foreign interference, noting in particular that foreign intelligence services sought access to privileged and/or classified information on Australia’s alliances and partnerships; the country’s position on international diplomatic, economic, and military issues; as well as energy and mineral resources, and innovations in science and technology-related fields.

ASIO called the threat from espionage and foreign interference to Australian interests “extensive, unrelenting, and increasingly sophisticated”.

“Foreign intelligence services are targeting a range of Australian interests, including clandestine acquisition of intellectual property, science and technology, and commercially sensitive information,” the report explains.

“Foreign intelligence services are also using a wider range of techniques to obtain intelligence and clandestinely interfere in Australia’s affairs, notably including covert influence operations in addition to the tried and tested human-enabled collection, technical collection, and exploitation of the internet and information technology.”

During the reported period, ASIO said it identified foreign powers clandestinely seeking to shape the opinions of members of the Australian public, media organisations, and government officials, motivated by the appeal of “advancing their country’s own political objectives”.

As highlighted by ASIO, rapid technological change continued to provide people who are engaging in activities that threaten Australia’s security with new tools to conceal their activities from security and law enforcement agencies. In particular, ASIO said the use of encrypted communications by security intelligence targets was — and still is — an area of particular concern.

“Australia continues to be a target of espionage through cyber means; the cyber threat is persistent, sophisticated, and not limited by geography,” ASIO warned.

“Increasingly, foreign states have acquired, or are in the process of acquiring, cyber espionage capabilities designed to satisfy strategic, operational, and commercial intelligence requirements.”

Watching carefully the area of investment flows, ASIO said that while Australia’s open and transparent economy, which invites foreign investment, is a welcome and important contributor to Australia’s national wealth, it is not without national security risks.

“For example, foreign intelligence services are interested in accessing bulk data sets and privileged public or private sector information, including Australian intellectual property. Developing and implementing effective mitigation strategies for these issues is critical to reducing the threat to an acceptable level,” the report says.

Another emerging issue of potential national security concern to ASIO is the lack of diversity of ownership within certain infrastructure sectors.

The agency also said that the number of cybersecurity incidents either detected or reported within Australia represents a fraction of the total threat the country legitimately faces.

While technology provided security and law enforcement agencies with new opportunities to identify activities of security concern, ASIO said building and maintaining technical collection capabilities to stay ahead of the threats proved to be resource intensive.

“Transforming existing agency information and communications technology infrastructure to effectively exploit new capabilities, manage the large volume and variety of data available, and to be adapted easily to new technologies is a major challenge, and one that will require significant, ongoing investment,” the agency wrote.

“In addition to technological challenges in the operating environment, we faced heightened threats to our staff, facilities, and information.”

ASIO said such challenges required the diversion of resources to “ensure the security and effectiveness” of the agency’s operations.

Throughout the period, ASIO said it worked closely with Australia’s national security partner agencies, which included work to progress shared national security objectives through joint agency bodies such as the federal, state, and territory Joint Counter Terrorism Teams (JCTT), the National Threat Assessment Centre (NTAC), the Jihadist Network Mapping and Targeting Unit, and the Australian Cyber Security Centre (ACSC).

Similarly, work with international peers was maintained with over 350 partner agencies in 130 countries, ASIO explained.

The intelligence agency specifically worked with counter-terrorism prosecution in New South Wales, Victoria, and Queensland, providing assistance and evidence on telecommunications intercepts, physical surveillance, listening, and tracking devices.

“In 2016-17, we continued to work closely with telecommunications companies regarding the security risks associated with the use of certain companies in their supply chains and risks arising from foreign ownership arrangements,” the report says.

“We provided sensitive briefings to the Australian government and the telecommunications sector to outline the threat and, where possible, recommended appropriate mitigation measures.”

ASIO said that through its work with ACSC, it regularly observed cyber espionage activity targeting Australia.

“Foreign state-sponsored adversaries targeted the networks of the Australian government, industry, and individuals to gain access to information and progress other intelligence objectives,” the agency wrote.

“ASIO provided support to the ACSC’s investigations of these harmful activities as well as the centre’s work to remediate compromised systems. The number of countries pursuing cyber espionage programs is expected to increase … as technology evolves, there will be an increase in the sophistication and complexity of attacks.”

It isn’t just foreign threats on ASIO’s radar, with the agency noting it remained alert to, and investigated threats from, malicious insiders.

“Those trusted employees and contractors who deliberately breach their duty to maintain the security of privileged information,” ASIO explained. “These investigations continued to be complex, resource-intensive, and highly sensitive.”

In-house, ASIO said it also worked to build an enterprise technology program to enable the agency to “excel in using technology and data” to achieve its purpose.

“Given the increasing opportunities and challenges brought about by rapid advances in technology, it is imperative that ASIO is a ‘data-enabled organisation’, connected to its partners, accountable to the people, innovative in its approach, and sustainable for the long term,” the report says.

From July 2018, Australia’s new Home Affairs ministry will be responsible for ASIO, Australian Federal Police, Border Force, Australian Criminal Intelligence Commission, Austrac, and the office of transport security. It will see Attorney-General George Brandis hand over some national security responsibility to Minister for Immigration and Border Protection Peter Dutton.

Of the ministerial changes and the recommendations of the 2017 Independent Intelligence Review, ASIO Director-General of Security Duncan Lewis said he believes the new measures will play an important role in strengthening the agency’s strategic direction, effectiveness, and coordination of Australia’s national security and intelligence efforts, at a time when “the nation is facing complex, long-term threats” to its security.

Henry Sapiecha

Top-secret documents reveal Australia targeting Indonesia, South Pacific mobile phone networks

Data revelations: A leaked report confirms Australia's deep interest in Indonesia's largest mobile phone network, Telkomsel.

Data revelations: A leaked report confirms Australia’s deep interest in Indonesia’s largest mobile phone network, Telkomsel. Photo: Rob Homer

Australian spies are targeting Indonesia’s largest mobile phone network as well as the telecommunications systems of Australia’s small Pacific Island neighbours, according to documents obtained from the former US intelligence contractor Edward Snowden.

According to leaked documents published in New Zealand on Thursday, the Australia’s top-secret electronic espionage agency, the Australian Signals Directorate, has been working intimately with its NZ counterpart, the Government Communications Security Bureau to obtain comprehensive access to telecommunication networks across Indonesia and the South Pacific.

The documents show that the ASD and GCSB spy intensively on small and vulnerable Pacific island countries, harvesting communications from Fiji, Papua New Guinea, the Solomon Islands, Nauru, Samoa, Vanuatu, Kiribati, New Caledonia, Tonga and French Polynesia.

Document obtained from whistleblower:
Former intelligence contractor Edward Snowden.

The Australian and NZ spies are targeting Indonesia’s largest mobile phone network as well as the telecommunications systems of Australia’s small Pacific Island neighbours, according to documents obtained from the former US intelligence contractor Edward Snowden. The Australian and NZ signals intelligence agencies intercept satellite communications and under-sea telecommunications cables, and share the “full take” of telephone calls, emails, social media messages and associated metadata with each other as well as their “5-eyes” partners, the US National Security Agency and the British Government Security Communications Headquarters.

A leaked top-secret NZ report confirms the ASD’s deep interest in Indonesia’s largest mobile phone network, Telkomsel, which serves more than 122 million subscribers.

A NZ intelligence officer working on exchange in Canberra in 2009 was placed in ASD’s “network infrastructure analysis section” where he was given “specific … tasks regarding Indonesian cellular telecommunications provider Telkomsel” including “investigating Call Data records being sent over FTP” [file transfer protocol – a standard network protocol used to transfer files from computer host to another], and researching Telkomsel’s voice compression gateways used to support transmission of long-distance international and domestic telephone traffic.

Another 2012 US NSA document published last year revealed that the ASD stole nearly 1.8 million encrypted master keys, which are used to protect private communications, from the Telkomsel network, and developed a way to decrypt almost all of them. The ASD has also accessed bulk call data from Indosat, Indonesia’s domestic satellite telecommunications provider, including data on Indonesian officials in various government ministries.

The top-secret NZ documents also reveals details of co-operation between Australia and NZ to access to the South Pacific mobile phone networks, including in the Solomon Islands, where the two countries intelligence agencies “worked closely … to retain situational awareness as the Solomon Telekom network has expanded and evolved”.

The ASD and GCSB personnel intercepted mobile phone calls from a signals intelligence collection facility near Honiara, codenamed CAPRICA and probably located at Camp RAMSI, the headquarters of the Regional Assistance Mission to the Solomon Islands.  With a view to expanding coverage of Solomon Telekom’s network, the ASD and GSCB also conducted a radio frequency survey, codenamed PREBOIL, at the Australian Federal Police facility at the Guadalcanal Beach Resort near Henderson Airport, some 16 kilometres from Honiara.

Fiji is another Australian intelligence priority revealed in the leaked documents, with the GCSB reporting that it had assisted the ASD’s military support unit to conduct a “target systems analysis” on the command, control and communications of the Fiji government, military and police.

The study highlighted the importance of mobile phone networks for intelligence collection because such networks were the Fiji military’s “tactical” preference ahead of radio networks and a “poorly maintained and very limited [military] computer network.”

The Australian government has repeatedly refused to comment on specific disclosures from the papers leaked by Edward Snowden. However last year Prime Minister Tony Abbott insisted that Australia would not use intelligence “to the detriment of other countries”.

OOO

Henry Sapiecha

 

Communications Committee to quiz ASIC on Section 313

aust gov logo white on black

The Australian Securities and Investments Commission (ASIC) says it is critical that it has at its disposal an effective and flexible enforcement toolkit, including the ability to block illegal websites, in the fight against investment frauds.

Tomorrow, the House Standing Committee on Communications will hear evidence from ASIC at its second public hearing for its Inquiry into the use of the Telecommunications Act 1997 by government agencies to disrupt the operation of illegal online services.

In April 2013, the use of section 313 of the Telecommunications Act 1997 gained widespread media attention when it was revealed that ASIC, in seeking to block access to sites associated with investment fraud, had accidentally blocked access to 250,000 web sites including the site of the Melbourne Free University. This incident revealed that the use of section 313 required closer scrutiny.

ASIC has since identified the problems it had using section 313, and possible ways for increasing due diligence, transparency and reporting and will present to the Committee tomorrow.

Committee Chairman Jane Prentice said: “The inadvertent blocking of legitimate websites by ASIC under section 313 in early 2013 raised concerns about how and when the disruption of illegal websites should be conducted by government agencies. The need for such powers, given the scale of criminal activities online, is beyond doubt, but their application needs to be subject to appropriate checks and public scrutiny. The Committee will be looking at ways to better manage the use of section 313 as the Inquiry proceeds.”

Details of the hearing are as follows:

Date: Wednesday 3 December 2014
Time: 8:00 am
Venue: Committee Room 1R3, Parliament House, Canberra

Further information on the Inquiry, including the full terms of reference and how to prepare a submission can be obtained from the Committee’s website at www.aph.gov.au/section313 or from the Secretariat on (02) 6277 2352.

For media comment: please contact the Committee Chairman, (07) 3378 1599 or (02) 6277 4426
Further information: contact the Inquiry Secretary (02) 6277 2352, email ic.reps@aph.gov.au or visit the Committee’s webpage at www.aph.gov.au/section313

Media release date: 2 December 2014

Henry Sapiecha

Semi-automatic weapons, ammo handled in mystery Brisbane military operation in preparation for the G20 summit

 

miliary personal handling semi auto weapons g20 brisbane summit  image www.intelangencies.com

Semi-automatic weapons, ammo handled in mystery Brisbane military operation

BRISBANE CBD residents watched on in awe as a movie-like scene played out in front of their eyes as G20 preparations continued early this morning.

After seeing a large gathering of soldiers believed to have been armed with semi-automatic weapons, those enjoying a late Sunday night saw their purpose become apparent.

Around midnight, a convoy of vehicles carried soldiers a short distance to an underground car park at a building where their operation would soon come to life.

One inner-city road was partially blocked as a fleet of army vehicles rolled in.

Finally, about 12.45am, at least four speed boats were seen zipping along the Brisbane River before unloading crews.

Tactical Assault Group East conducts a training exercise early Monday morning at Stamford Plaza, Brisbane ahead of the G20 Leaders' Summit.image www.intelagencies.com

Tactical Assault Group East conducts a training exercise early Monday morning at Stamford Plaza, Brisbane ahead of the G20 Leaders’ Summit. Photo by Sarah Keayes

At the same time, four Black Hawk choppers hovered ominously around buildings – coming within metres of some – in what appeared to be a simultaneous “attack”.

Dozens of soldiers appeared, aided by what was believed to be night vision and gas masks.

Moments earlier, loud bangs and shoutings of “get down” had been heard inside one of the nearby buildings.

After approximately half an hour, the “intruders’’ were seen being taken to a central point in the building in what seemed to be arrested-like fashion.

A chopper hovers just metres from the buildings G20 summit Brisbane image www.intelagencies.com

A chopper hovers just metres from the buildings. Photo Adam Armstrong.

Tactical assault personnel on the Brisbane River during the late-night exercise. Photo by Sarah Keayes

For several hours, a large number of military dressed personnel — estimated to be about 50 — descended on an inner-city commercial carpark in what is believed to be a G20 training operation.

In plain sight of pedestrians, the personnel handled what appeared to be semi-automatic weapons, ammunition, helmets and large equipment containers.

The group were dressed in olive-coloured military style clothing with no apparent badges identifying themselves or their agency.

Some appeared to be wearing body armour.

Personnel on scene refused to provide any details of the operation or the agencies involved when asked by The Courier-Mail.

For a short period of time, a single police car was also seen parked out the front of the carpark where the operation was taking place.

ooo

When contacted by The Courier-Mail on Sunday night, spokespeople for the Australian Federal Police, Queensland Police Service and Defence Public Affairs all denied any knowledge of the operation.

The Royal Australian Air Force announced on Sunday they would conduct G20 security preparations from November 3 to 13 but not on weekends.

The RAAF said operations would involve “fighter, surveillance and support aircraft, alongside the Army Black Hawk helicopters”.

ooo

Henry Sapiecha

Murdoch lashes out at Abbott on journalists terrorist law

News Corp co-chairman Lachlan Murdoch has invoked his grandfather’s reporting of Gallipoli to lash the Abbott government’s new national security laws that could jail journalists for up to 10 years.

Lachlan Murdoch arrives with Sarah at the annual Keith Murdoch Oration image www.intelagencies

Mr Murdoch said Australia’s press freedom was under threat and had already fallen dramatically by world standards.

“It might surprise you that today Australia ranks 33rd, just behind Belize, on the Freedom house index. 20 years ago we ranked 9th,” Mr Murdoch said during the Keith Murdoch Oration at the State Library in Melbourne on Thursday night.

Mr Murdoch said the government was frequently asking Australians to trust them ‘we’re from the government’, when attempting to censor the media.

“But trust is something that should not be a consideration when restricting our fundamental freedoms. Our freedom of speech and freedom of the press are not things we should blindly entrust anyone.”

ooo

Mr Murdoch singled out the government’s national security laws that could jail journalists for up to 10 years for revealing “special intelligence operations”.

Many, including human rights commissioner Tim Wilson, have condemned these laws, saying they would restrict legitimate scrutiny of Australia’s secret agencies.

Mr Murdoch said the government’s terminology, particularly “secret intelligence operation”, was ambiguous.

“It’s left up to government agencies at the time to decide. Would the Gallipoli campaign have been a special operation?”

Mr Murdoch’s grandfather Sir Keith Murdoch revealed the devastation of Gallipoli, which killed more than 8000 soldiers, in a letter to then Prime Minister Andrew Fisher, despite reports from the battle field being censored by the military.

“Incredible as it seems today, Fisher … had received little notice of the Gallipoli invasion.

“Would Sir Keith have been arrested … to spend the next 10 years in jail? And remember, the taking of that letter … a private communication to the prime minister, was tremendous overreach by the military at that time.

“A century ago, Keith Murdoch’s Gallipoli letter was Australia’s boldest declaration that our nation had the right to know the truth.”

Mr Murdoch also took aim at the previous Labor government’s attempts to introduce a public interest media advocate to oversee all media as the “most draconian attack on the press this country has ever seen in peacetime”.

Failure to comply with advocate could have seen the removal of the Privacy Act exemptions, which “are essential for journalists to do their work”, Mr Murdoch said.

“And, if all else failed, a single unnamed ‘super expert’ could apply his or her own undefined ‘public interest test’ and punish an organisation commercially,” he said.

“Censorship should be resisted in all its insidious forms. We should be vigilant of the gradual erosion of our freedom to know, to be informed, and make reasoned decisions in our society and in our democracy.

“We must all take notice and, like Sir Keith, have the courage to act when those freedoms are threatened.”

Henry Sapiecha