GSOC sets out details of suspected surveillance and subsequent findings

The Garda Síochána Ombudsman Commission (GSOC) has set out in the clearest detail yet the three examples of the suspected breach of its information communications technology at its headquarters in Dublin. Of the three "threats", two were identified during a week of security checks from September 23rd-27th last year.

THREAT 1
Commission chairman Simon O'Brien said the threat centred on a wireless device located in the commission's conference room and was found to have been connected to an external wifi network.

The device was the property of the commission, but while there was no suggestion it had been “planted” by a third party, the manner in which it was behaving have rise to concern.

"Access to this wireless device was protected by a password; absent this password, the device should not have been able to connect to that external wifi network," Mr O'Brien told the Oireachtas Committee on Public Service Oversight and Petitions.

“As GSOC does not have a wifi network, this device had never been activated by GSOC and its password was unknown. Its connection to an external network was, therefore, a concern. This device, although wifi- enabled, was unable to communicate with any of GSOC’s databases or electronic systems.”

Mr O'Brien later revealed that another piece of equipment was set up to monitor the device. That monitoring found the device was switching from active to inactive mode at random times and for varying periods with no discernible pattern.
Conclusion
Mr O'Brien said: "Connection by the wifi device in the conference room with an external wifi network was occurring randomly and with no discernible pattern or agent apparent."

THREAT 2
As part of the security checks in late September, a telephone unit used for conference calls and situated in Mr O'Brien's office was subjected to a number of tests to establish if it was under surveillance.

“One was called an ‘alerting’ test,” Mr O’Brien told yesterday’s hearing. “Immediately after this test, the conference phone line rang. The security expert judged that the likelihood of a wrong number being called at that time, to that exact number, was so small as to be at virtually zero.

"GSOC conducted a number of telecoms checks to seek to establish the source of this telephone call but was unable to do so. Further checks revealed no additional anomalies or matters of concern."
Conclusion
Mr O'Brien said: "The anomaly in the telephone unit [in his own office] could not be repeated – the commission could not rule out the possibility that an innocent call was made to the office at 1am. Telecoms data could not identify a number from which the call originated or even that a call had been made."

THREAT 3
This was detected during a visit by the specialist counter surveillance company on October 19th and 20th last. It found evidence of a 3G network, off which mobile phones would work. However, the network found was a UK one, with Mr O'Brien noting yesterday they only operated in the Republic only in Border areas.

"They advised that such a network can only be simulated through a specialist device," Mr O'Brien said of the company carrying out the checks. "The device simulated a UK mobile phone network, will pick up UK phones registered to that network. Once a phone has been connected, it can be forced to disable call encryption making the call data vulnerable to interception and recording. The specialist firm indicated that this level of technology is only available to government agencies."
Conclusion
Mr O'Brien said: "Concerning the device scanning for mobile phones, the commission could not rule out that such a device was being lawfully used in the vicinity of our building or that it was not directed at our building."

When threats one and two were identified, “four or five” GSOC staff knew the security checks had taken place. However, the agency then formally began a public interest investigation, at which point about 10 people were aware what was happening.

Mr O'Brien said that because the evidence of suspicious activity "did not meet the threshold of an offence", he did not relay the evidence to Minister for Justice Alan Shatter. His main concern was the damage it would do to the relationship between the Garda and GSOC and the public's perception of that relationship.

“The level of public disquiet in relation to allegations that the gardaí might be involved in that type of activity was immense.”

He added that the concerns were not taken to Garda Headquarters for criminal investigation because it would be “ludicrous” to suggest an organisation, or at least personnel within it, under suspicion of spying would be charged with investigating it.