Treasury have cried wolf and it appears the ‘wolf’ was a parked car…
Following Tuesday’s referral, the Police have advised the Treasury that, on the available information, an unknown person or persons appear to have exploited a feature in the website search tool but that this does not appear to be unlawful. They are therefore not planning further action.In the meantime, the Treasury and GCSB’s National Cyber Security Centre have been working on establishing the facts of this incident. While this work continues, the facts that have been established so far are:– As part of its preparation for Budget 2019, the Treasury developed a clone of its website.– Budget information was added to the clone website as and when each Budget document was finalised.– On Budget Day, the Treasury intended to swap the clone website to the live website so that the Budget 2019 information was available online.– The clone website was not publically accessible.– As part of the search function on the website, content is indexed to make the search faster. Search results can be presented with the text in the document that surrounds the search phrase.– The clone also copies all settings for the website including where the index resides. This led to the index on the live site also containing entries for content that was published only on the clone site.– As a result, a specifically-worded search would be able to surface small amounts of content from the 2019/20 Estimates documents.– A large number (approx. 2,000) of search terms were placed into the search bar looking for specific information on the 2019 Budget.– The searches used phrases from the 2018 Budget that were followed by the “Summary” of each Vote.– This would return a few sentences – that included the headlines for each Vote paper – but the search would not return the whole document.– At no point were any full 2019/20 documents accessible outside of the Treasury network.The evidence shows deliberate, systematic and persistent searching of a website that was clearly not intended to be public. Evidence was found of searches that were clearly intended to produce results that would disclose embargoed Budget information. Three IP addresses were identified that performed (in the Treasury’s estimation) approximately 2,000 searches, over a period of 48 hours, which pieced together the small amount of content available via the search tool. The IP addresses involved belonged to the Parliamentary Service, 2degrees and Vocus.The nature of these searches ultimately led to unauthorised access to small amounts of content from the 2019/20 Estimates documents, none of which were due to be available to Parliament and the public until Budget Day.In light of this information, Secretary to the Treasury Gabriel Makhlouf said, “I want to thank the Police for their prompt consideration of this issue. In my view, there were deliberate, exhaustive and sustained attempts to gain unauthorised access to embargoed data. Our systems were clearly susceptible to such unacceptable behaviour, in breach of the long-standing convention around Budget confidentiality, and we will undertake a review to make them more robust.”The Treasury took immediate steps on Tuesday to increase the security of all Budget-related information. Mr Makhlouf has now asked the State Services Commissioner to conduct an inquiry in order to look at the facts and recommend steps to prevent such an incident being repeated.
…so the Treasury definition of ‘hack’ was as reliable as Trevor Mallard’s definition of rape.
There needs to be an execution here of someones career. Treasury said they were hacked, they were not, it was their own incompetence in the end and clever guesses by whomever decided to leak this.
Treasury have fucked up, embarrassed the Government with their clumsiness and allowed National to overshadow the entire well being budget – if Grant Robertson is too weak to demand a scalp, then Jacinda should sack him.
Unbelievable mismanagement all around.
That said, Simon Bridges faux offence at being accused of using hacked information is Millennial snowflake outrage olympics 101. There is no public interest in publishing budget details 72 hours before they are to be released, it’s economic vandalism not whistleblower crusading.
Bridges has behaved and acted like a spiteful teenager who has the audacity of playing victim when criticism comes his way for that behaviour. He has embarrassed the Government, he has robbed it of its thunder but he has also shown himself to be utterly inappropriate for the top job.
All Bridges is capable of is breaking things to prove how tough he is.
Ugly politics.
( ͡° ͜ʖ ͡°)
Yes Martyn,
Treasury has never thought very cleverly have they?
Remember when treasury said in John Key and Steven Joyce’ time that our whole rail system should be shut down’??????
https://www.rnz.co.nz/news/political/278359/close-down-rail,-advised-the-treasury‘
6:08 pm on 9 July 2015
New Zealand
World
Politics
Brent Edwards, Political Editor – brent.edwards@radionz.co.nz
The Labour Party has accused the Treasury of being “nuts” for suggesting the country’s rail network should be closed because it costs too much.
In Budget documents released today the Treasury estimated the net social cost of supporting KiwiRail at between $55 million and $170 million a year.
In the paper the Treasury recommended the Government just fund KiwiRail for one more year while undertaking a comprehensive study to look at closing the rail company.
It said the study should be done publicly so that people were informed of the costs of running the rail network compared with any benefits it provided.
The Government rejected the idea.
Labour’s transport spokesperson Phil Twyford criticised the Treasury for even raising the suggestion.
“This proposal by Treasury for the Government to consider actually shutting down the rail network is just nuts and it shows that Treasury doesn’t really understand transport economics and they certainly don’t get rail.
“You know rail should be for decades and decades to come, it should be alongside the road system, the backbone of New Zealand’s transport system … To shut down, even to contemplate shutting down this valuable part of our nation’s infrastructure is barmy,” Mr Twyford said.
While government ministers rejected the idea initially they only intended providing money for KiwiRail for this financial year.
But a later paper reveals it agreed to a two-year funding commitment after the company expressed worries about its long-term planning if it had only one year of funding confirmed.
In its analysis the Treasury said rail had high fixed costs and it faced a challenge trying to reduce them.
It said the options for the business were to make relatively small changes to the existing network or significantly downsize it, including closing it altogether.
Another option was to shut down most of its operations but keep freight business for Auckland to Hamilton to Tauranga only as that part of the network carried most freight and covered most of its costs.
It warned KiwiRail posed considerable risk to the Government and was unlikely to ever be profitable.
“Treasury believes there is a net economic cost of continuing to fund rail at the levels required. The net social cost is estimated at between $55 million and $170 million per annum based on a national cost benefit analysis.
“Whilst some of the assumptions underlying analysis of this nature are subjective and some require further work to validate, Treasury believes that it will not change the conclusion that there is a net social cost of continuing to fund rail.”
It recommended a public study of the implications of shutting KiwiRail down so the Government could make the most informed choice possible.
Phil Twyford said he agreed there should be an in-depth study on the value of rail to the economy.
Mr Twyford said the fallacy in the Treasury thinking was that the rail system, including the rail tracks, should be run as a profit making business. Nowhere in the world did that happen.
He said the rail tracks were simply like the country’s roads and nobody expected the roads to make a profit.
A spokesman for Finance Minister Bill English said the Government had set aside $400 million for KiwiRail over the next two years.
“But before undertaking an investment of this size, it is appropriate that officials look at all options – including options for line closures.
“As we said in May, the Government is committed to a national rail network, but ongoing subsidies of around $200 million per year are unsustainable. The funding provided at the Budget gives the KiwiRail board a two-year window to identify savings and reduce the level of ongoing Crown funding required,” he said.
This is not the first time Treasury has made a blunder:
https://www.odt.co.nz/news/national/treasury-admits-blunder-over-child-poverty
While these and no doubt other errors might seem innocuous, a pattern of incompetence seems to be appearing.
Saying that Treasury has cried wolf and it appears the wolf was a parked car is a good epithet for Treasury – engine not running and taking up valuable space.
What a pack of dumbasses.
Glad we’re not paying them $ix figure$ plu$ entitlement$ and expen$e$ to drive around in arse massaging BMW’s.
Oh! Wait?
Sorry you homeless people and hungry children… but we are.
Agreed Bomber, someone on his team collated publicly available treasury information that is true, but for this piss-ant Bridges to release it goes against everything our government has ever stood for (information security and embargo, economic stability, political ethics). Bridges could have advised the treasury and government of the website malfunction without claiming victimhood and looking like a breathless child, and the government could have given Bridge’s team the kudos for doing so. Instead the opposition now looks like a spiteful pack of hyenas embedded at every level of society willing to disrupt information systems by any means to further their cause. Bridges should have been long gone, for the JLR revelations (possible donation corruption), for calling one of his MPs fucking useless, etc. The circus we saw played out with treasury won’t survive a news cycle, I’m waiting for the decision on Sarah Dowie telling JLR to die, which has real repercussions for politics, digital communication and free speech.
I have no doubt that Natzi supporters will be absolutely chuffed that their team scored a big win over the hapless lefties. Expect Bridges to milk this to an unbelievable degree which will further boost the next poll and possibly cement his position going forward. But does anyone out their actually care about budget leaks caused by some IT expert leaving the door open. Unfortunately we will never here the end of this.
Gross incompetence from treasury, government (Winston and his “illegal” bullshit), the opposition -Simon bridges semi literate outrage, following on from mallards false rape accusation.
Sack the fucking lot of them, let’s start again.
In the private sector these idiots wouldn’t last 5 minutes.
They run the country no wonder it’s so messed up.
There are far too many employees in the public sector, including ( and especially) Treasury,who are by background and inclination, supporters of National and who find it convenient to ignore their contractual obligations to remain politically unbiased -yet another hurdle for a social democratic government.
Makhlouf is shortly off to Ireland.
For Jacinda to sack Grant would be shooting self in foot/cutting off nose to spite face/hoisting self on own petard. That is to say, unwise.
The comment above regards Kiwirail and Treasury raises the issue when this government got Treasury to investigate serious safety defects built into new KiwiRail bridges and the Treasury offical tasked with this was going to investigate by ‘catching up with mate for a beer and a chat on a Friday night’. Turns out that the KiwiRail officials that neglected to prevent the safety defects being built into the bridges have the ‘ear’ of that same Treasury official. Nothing to see here.
Still KiwiRail have a new CEO now and a new Board Chair; they have always had a lot of risks with their ageing infrastructure so they could be a big winner in this budget. They might even stop building ‘booby trap’ bridges.
The key political question is the conversations between the Secretary of the Treasury and the Finance Minister.
Did the Minister ask, suggest or direct the public servant to escalate the matter to a criminal investigation knowing the true cause was Treasury incompetence?
Because that is a Minister using the Police against a political opponent.
Aaaand they’ve used a picture on the front of the budget, of a solo mum and child but turns out the lady in the pic moved to Australia last year with kid as couldn’t make ends meet in NZ, have “found wellbeing in Australia”. Story on NZ Herald
So much dumb from treasury and minister/s.
Classic!
What a muppet show !!!
This by Idiot Savant
So, it turns out that the Budget “hack” was performed using that nefarious, illegal hacking technique called “using the search engine”. Police have concluded that it wasn’t illegal and they will be taking no further action (because its using the fucking search engine). I’m surprised they didn’t charge Treasury with wasting police time.
Meanwhile, Treasury secretary Gabriel Makhlouf has presided over incompetence and smeared the opposition. We pay public sector CEOs the big bucks supposedly to take responsibility. We pay Makhlouf over $600,000 a year on that basis. So how about we get what we paid for? By running a muppet show, Makhlouf has fucked up his agency’s biggest event of the year, and the centrepiece of the government’s policies. It would be hard to imagine a more public screwup. But I forget: he’s fucking off to Ireland. So I guess he’s in DNGAF mode now. While SSC is looking into it, there’s nothing they can really do to him now, so we’ll get no accountability at all. I guess NeoLiberal public sector management theory didn’t really think about that…
And then there’s the next obvious question: how long has this flaw been lurking in Treasury’s web servers? How many budgets have been googled in advance that way? Was market-sensitive information revealed, and did someone make money from it? Because that actually would be important.
Heads must roll on this. It is unacceptable. Robertson crying ‘foul’ before checking things out was a knee-jerk reaction that is unbecoming at anytime, Jacinda does not need that kind of incompetence. Treasury . . . what more can be said? Incompetent, complacent, the list goes on. Did the Nats have insider info? “If you just happen to be looking at the Treasury website, maybe around (whatever) am/pm, there just might be a preview of the Budget available briefly, but of course, we will disavow any knowledge of this course of events.” As for Bridges, no doubt he will be trying to get as much milage out of this matter for as long as he can, but all he is really doing, is showing how petty and pathetic he is.
Comments are closed.