The die has been cast and the first news cycle after the publication of retired Judge Cooke’s report on alleged bugging of #GSOC produced a wealth of “nothing proved so nothing happened” type headlines.
Read it and you can’t come to the same conclusion.
The Wifi Threat
GSOC’s boardroom has a lot of audio visual equipment including microphones. Contained within this equipment was a device which had been tampered with and original manufacturer parts were found to have been replaced. This device – called 4B throughout the report – was repeatedly trying to connect with the wifi network in a nearby cafe. The significance of this was in the belief of Verrimus that an …
“eavesdropper could gain access to the microphone-enabled units connected on the network in the Boardroom and the Media Room and use them to listen to conversations in those areas.”
Further alarms were raised when during Verrimus’s security sweep Device 4B was observed to be connecting to the cafe’s wifi – with which it “exchanged 121 data packets.” One of GSOC’s officers was present when the data exchange occurred. He said …
“I was told that the display that I was watching was a visualisation of data moving in and out of GSOC. …and data was coming into GSOC via the same device. I saw that and it went on for an extended period.”
Verrimus wasn’t asked to prove bugging was taking place only assess what threats existed. So the didn’t prove beyond all doubt that recordings of conversations that had taken place in the boardroom were being smuggled out of GSOC via a neighbours wifi. With the benefit of being able to review Bitbuzz’s own log of data exchanged on that network Judge Cooke says that nobody has provided him proof that that there was any content in those Data Packets. He says that it is possible that Device 4B
“could have continued repeatedly to probe for connection thus generating what appears to be a high number of data packets without necessarily transferring any corresponding high volume of actual data.”
The White Van
While Verrimus was conducting its second survey in GSOC one of GSO’s officers noticed a white van with blackened out windows parked in the street with a direct line of sight to the GSOC Boardroom. The officer who had extensive experience of counter surveillance walked around the block and saw two men walking together on three separate occasions. His evidence to the judge was that he “considered this to be a possible indicator of a surveillance operation in the vicinity of GSOC”
At the same time that this was happening the Verrimus operatives detected a fake UK GSM/3G mobile telephone signal which they concluded was an IMSI catcher capable of decrypting phone signals and stealing data. This was only ever detected by Verrimus when the White Van was present.
Judge Cooke finds an innocent explanation though. He made contact with a mobile phone operator who indicated to him it was “highly likely that the detection was caused by the testing of a new 4G installation by that network which is confirmed as having been taking place over the period of weeks during which the detection was made.”
As for the physical surveillance he concludes that Verrimus’s presence in Ireland could have raised suspicions about who they were selling their technology too and it might have been them and not GSOC who were being snooped on “such surveillance (if that is what it was) was directed at the activities of Verrimus operatives rather than at GSOC personnel.”
The second threat to GSOC’s security identified by Verrimus was from the hands free landline telephone in Simon O’Brien’s office called a Polycom because it is used for conference calls. Verrimus conducted many tests on it but the final one was to send a burst of music down the line at a quarter to two in the morning with the express intention of letting anybody who might be listening know they had been rumbled. Verrimus then claimed the following happened …
“The test device was still connected and neither operator was touching the device. The device received a call in of around three rings’ duration. Meaning a person must have made a call to the device direct, as the organisation’s switchboard was on out-of-hours service.”
Their opinion of this was “The likelihood of a ‘wrong number’ at that time to that exact unknown number at the time of an alerting test is so small it is gauged at virtually zero.”
Who made the call then and why? Verrimus speculated that “the ‘listener’ found the intermittent music on the line at 01.40 hours an odd occurrence and without thought or consideration to the possibility of a counter surveillance operation decided to test the call line to ensure it was working. Assuming there would be nobody there at that time.”
Judge John Cooke’s finding on this middle of the night call back with a coincidence factor of virtually zero is very far removed from this morning’s headlines of “No evidence of surveillance found”. The judge can find no explanation for this occurrence and does not attempt to come up with a hypothesis.
It remains the case however that this ‘ring-back’ occurrence has not been explained and further extensive tests in conjunction with the device’s manufacturer would probably be required to advance the matter further.
In summary then the judge notes about the wifi that packets of data may have been exchanged between the device in the boardroom and a wifi network outside GSOC but it has not been proved to his satisfaction that that those data packets contained audio recordings of conversations that took place. He considers the legitimate testing of a 4G network as the “likely” but not proven explanation for a fake GSM network. And he cannot provide any explanation for why a phone with an unlisted number should receive calls in the middle of the night just moments after it has been tested for a tap.
Under the circumstances Judge John Cooke says he can only conclude “it is ultimately extremely difficult to determine with complete certainty whether unexplained anomalies of the kinds identified in this instance were or were not attributable to unlawful intrusion.”
Absence of evidence is not evidence of absence. Judge Cookes terms of reference asked him to establish whether it was proved bugging took place. He could not establish that. The terms of reference did not ask him was there a sufficient amount of unexplained and coincidental activity to give rise to the justifiable suspicion that somebody was attempting surveillance. The headlines would be very different today if it had.
Separate to the technical anomalies there are now new questions raised in the report about the conduct of unidentified agencies possibly connected to the security services if not the security services themselves. When leaving Ireland via Dublin Airport two Verrimus operatives reported to Judge Cooke that having checked in and passed through security a man stood directly in fromt of them as they were seated and produced a camera from his shoulder bag.
They turned away to avoid being photographed but “the individual waited and when they turned back he photographed them. Mr described this as a “trade craft procedure” known as being “burned” which is a strategy used by the “opposition” to let them know that they are aware of their presence and that, in other words, “their cover has been blown.”
Verrimus was also contacted twice by a businessman who appeared to be attempting to influence the evidence that Verrimus would give to the inquiry. In a conversation recorded by Verrimus this man claimed that efforts were being made by the security services to place somebody inside the inquiry.
Caller: Well, you know, there is work going on behind the scenes there to put in a man in there who may understand the whole significance of it. Right. And I know that the boys in green are trying to get a man who is, let me say.
Verrimus: Is in to advise?
Caller: Someone who would know what he was on about, he would know exactly who I would be talking about right.
Not long after the inquiry had commence Judge Cooke says that the Department of Taoiseach passed him a letter which contained an offer of unsolicited help from someone who had worked in the Irish Defence Forces as an Intelligence Officer for over twenty years. Judge Cooke reports that “The Offer was not taken up.”
Who? Why? To what end? Prompted by who? Why did the Department of Taoiseach think it appropriate to pass this on?
All this leads you to the inescapable conclusion that while GSOC bugging was not proven there is far more to this episode than we yet understand.