GSOC knew cafe wi-fi was cause of 'anomaly'
Published 18/02/2014 | 02:30
The Garda Siochana Ombudsman Commission has known for months that a wi-fi network in a coffee shop was the innocent explanation for one of the "anomalies" identified in a security sweep of its offices.
The Irish Independent understands that the source of an external wi-fi network, which had connected with a device in GSOC's offices, was traced to the Insomnia coffee shop on the ground floor of their building in Dublin city centre.
However, GSOC omitted to tell either Justice Minister Alan Shatter or the Dail Oversight Committee last week that they had effectively solved one of the major threats identified in the security audit.
It has also emerged that the detection of a UK 3G mobile network during a sweep connected with the mobile phones being used by the Verrimus security experts.
The until now unexplained wireless connection had been identified as a potential threat by UK security firm Verrimus between September 23 and 27, 2013 and has been central to recent claims that the Ombudsman Commission had been under surveillance.
It was found that an unused wi-fi device in the GSOC boardroom had been randomly connecting to a BitBuz wi-fi network but the security company did not trace where it was coming from.
A source close to the watchdog has revealed to the Irish Independent that the security company subsequently traced the mystery external network to the coffee shop, which shares space with a Spar on the corner of Abbey Street and Capel Street in Dublin’s city centre.
The latest twist in the alleged spying controversy emerged as the embattled Justice Minister prepares to face questions over the affair in the Dail today and before the Oireachtas Committee tomorrow.
A spokesperson for GSOC failed to respond when asked about the development last night, and declined to reveal when the wi-fi device in the GSOC offices first started connecting to the external network. But reliable sources have revealed that this was established as the BitBuz network during a second visit by the UK security specialists in October 2013. The Irish Independent has also confirmed that the Spar and Insomnia coffee shop first installed the BitBuz wi-fi system in August 2013 – just a month before the first security sweep of the GSOC offices. The revelation that GSOC knew there was nothing sinister about the wi-fi issue but failed to use two opportunities last week to clear up the matter will cause concern.
A second anomaly relating to a UK 3G mobile network also appears to have been explained. It is understood experts from a security firm hired by GSOC had UK phones. Last week GSOC chairman Simon O’Brien told the Oireachtas Oversight Committee that he did not have a UK mobile phone but confirmed that “we had UK operatives who were operating in our building at the time”.
In response to questions from the Irish Independent, the GSOC spokesperson confirmed yesterday that “no GSOC staff member uses a UK mobile phone for official business”. When asked to confirm who were the “UK operatives” referred to by the chairman, the spokesperson revealed that they were “the UK security specialists undertaking the sweep”.
A question mark still hangs over the third anomaly, which was a claim that a phone in Mr O’Brien’s office may have been bugged. The revelations are likely to increase pressure on GSOC’s three commissioners to further explain the true extent of the alleged bugging controversy which has been mired in confusion.
Verrimus this morning issued a statement in response to this story:
"A mobile phone cannot create a 3G base station, so it is impossible that Verrimus operator's phones were the source of the fake Mobile Country Code (MCC) and fake Mobile Network Code (MNC) that was detected.
"With regard to the WiFi device, any WiFi device capable of audio, video or data gathering that sits on a SECURE internal Wireless Local Area (WLAN) should not be attached and communicate with any device outside of its own secure network, as this can enable the source information (audio, video or data) to be transmitted outside of that secure network to the person or organisation that forced the device to function outside of its secure network.
"Verrimus cannot comment specifically on details of the task for GSOC or the findings, however we will correct technical inaccuracies in reporting.
"Should technical advice on functions and capabilities of threat be required by anyone reporting or interested in technical surveillance threat, Verrimus will happily provide thorough briefings to mitigate inaccurate reporting in this, or any other matter."
GSOC has issued a statement this afternoon.
"GSOC wishes to re-iterate that during a security sweep, it received reports which identified two potential threats to its security," it says.
"During further investigation a third potential threat was identified. In a briefing note to the Minister for Justice & Equality on 10th February 2014, a note which subsequently appeared in the public domain, GSOC said that analysis of these threats was inconclusive. GSOC did not rule out that there could be reasonable explanations for any or all of these issues.
"The briefing note also stated that a Wi-Fi device, located in the Boardroom, was found to have connected to an external Wi-Fi network.
"Access to this Wi-Fi device was protected by a password; absent this password, the device should not have been able to connect to that external Wi-Fi network. Its connection to an external network was, therefore, a concern. This device, although Wi-Fi enabled, was unable to communicate with any of GSOC’s databases or electronic systems.
"The investigation was completed on 17 December 2013 and concluded that no definitive evidence of unauthorised technical or electronic surveillance was found.
"It did, however, confirm the existence of the three technical and electronic anomalies that could not – and still cannot - be explained. These raised concerns among the investigation team in terms of the integrity of GSOC’s security."