As Treasury says it’s registered thousands of attempts to hack its secure site and Simon Bridges accuses Grant Robertson of maliciously lying, the wellbeing budget is about to become the hell-fleeing budget for someone
The press releases started rolling in at 10 on the dot yesterday morning: “National reveals Budget details.” At 1.30pm: “National reveals even more Budget details.” And at 4.30pm: “Mental Health Commission confirmed in Budget”.
The National Party had got hold of details from Thursday’s Budget. It was at very least embarrassing for the government and Treasury. There are few documents so closely guarded as the Budget. But in the hours since the stakes have risen by orders of magnitude, and by breakfast this morning it looked increasingly as though this would end in a high-profile resignation. But whose?
The first clear indication that this was dramatically more than a garden variety leak or folder-left-in-the-loo scenario came just after 8pm, when the Treasury secretary, Gabriel Makhlouf, issued a statement with a killer lede: “Following this morning’s media reports of a potential leak of Budget information, the Treasury has gathered sufficient evidence to indicate that its systems have been deliberately and systematically hacked.”
And: “The Treasury has referred the matter to the Police on the advice of the National Cyber Security Centre.”
The finance minister, Grant Robertson, chimed in to say it was serious. Extremely serious. “This is extremely serious and is now a matter for the Police,” he said.
“We have contacted the National Party tonight to request that they do not release any further material, given that the Treasury said they have sufficient evidence that indicates the material is a result of a systematic hack and is now subject to a Police investigation.”
Bridges wasn’t having that. He came out swinging on Twitter. “The National Party has acted entirely appropriately,” he said. “Grant Robertson has falsely smeared us to cover up his and The Treasury’s incompetence. When what has occurred is revealed, he will need to resign.
The likeliest explanation as of about 9pm last night was that “hack” was a byword for “poke around the directories of the Treasury site”.
Blogger NoRightTurn established that links to most of the material that National had released earlier in the day appeared to have been accessible without any need for a bolt-cutter.
This morning, however, Makhlouf appeared on RNZ Morning Report to flesh out his earlier remarks. There had been more than 2000 attempts over 48 hours from midnight on Sunday to access secure Budget material, he said. He used the analogy of a secure room – the Budget details had been kept locked and “bolted down” within it, he said, and someone had targeted an unknown vulnerability in one of the bolts.
“It wasn’t an instance of someone stumbling into the room accidentally. It wasn’t an instance of someone attacking the bolt and finding that it broke immediately. It was someone who tried not once, not twice, in fact over 2000 times, to attack that bolt. When I saw that evidence yesterday I decided it was something that I had to refer to the police.”
He said that while the information released by National appeared to be the data taken from Treasury, he could not say the party was linked to the hack. “I have no evidence that tells me that the two are related,” he said. “I’m not going to speak to the National Party about information. It’s up to the police to decide what they want to do.”
Simon Bridges was noticeably absent from morning news programmes, having declined invitations, but he emerged for a fiery 9am press conference in which he launched an angry attack on Grant Robertson, saying he was “lying” and “shamelessly slurring” the National Party by promoting “scurrilous, false” claims and “trying to gag the opposition of a New Zealand – an undemocratic outrage.”
Bridges refused to reveal the means by which they had obtained the documents, but said: “There has been no hacking under any definition of that word. There has been nothing illegal or anything approaching that from the National Party at any time.”
Given the seriousness of the revelations, the angrily irreconcilable stances and a police investigation likely to get under way immediately, there are a lot of people under a lot of heat.
To begin with, are the Treasury’s cybersecurity measures up to scratch?
If Makhlouf and/or Robertson have gone histrionic to cloak basic infosec sloppiness, one or both will be in the firing line.
If Simon Bridges is directly or indirectly complicit in the hacking of the Treasury website, meanwhile, he’s finished.
One way or another, someone’s wellbeing is about to get badly bruised.
Subscribe to The Bulletin to get all the day’s key news stories in five minutes – delivered every weekday at 7.30am.