Peer review finds ‘no evidence’ of bugging at GSOC
Minister for Justice says report from IT security firm disputes Verrimus claims
Minister for Justice Alan Shatter: further report into alleged bugging at the Garda Síochána Ombudsman Commission (GSOC) had found “no evidence of any technical or electronic surveillance” at the policing watchdog, he told Dáil. Photograph: Bryan O’Brien
A further report into alleged bugging at the Garda Síochána Ombudsman Commission (GSOC) had found “no evidence of any technical or electronic surveillance” at the policing watchdog, Minister for Justice Alan Shatter told the Dáil last night.
Mr Shatter was speaking during a Sinn Féin motion calling for an independent inquiry into the affair and said he had commissioned his own report from Rits, an IT security consultancy firm based in Citywest, Dublin.
He said he received the “peer review” to seek clarification on an investigation carried out for the GSOC by a UK-based firm, Verrimus. Mr Shatter’s report was to give an opinion on the risks “as identified and presented to GSOC”.
“The report . . . that I received from Rits gives as an opinion, based on the reports provided to Rits, that ‘there is no evidence of any technical or electronic surveillance against GSOC’, that is no evidence at all, not merely no definitive evidence,” Mr Shatter said. “This report also disputes other conclusions reached by Verrimus.”
He said some of the technology alleged to have been used in surveillance was “widely available on the internet”.
“It is also the case that such devices have a range of up to several kilometres, so that even if there had been such a device it could have been anywhere in central Dublin and there is no indication whatever that it was directed at GSOC,” Mr Shatter said.
He said Simon O’Brien, the GSOC chairman, “clearly did not accept that the technology referred to could only be obtained by Government agencies despite the statement to this effect in their security consultants’ report”.
The Department of Justice also sought clarification from the GSOC, which has said it will make no further comment on the controversy, on some issues.
“Included within that information are further details concerning the unused wifi in GSOC offices that was remotely accessed. It seems that Verrimus identified in September 2013 that it was being remotely accessed but could not identify from where.”
The “unexplained accessing” of the wifi was “an indicator of a potential threat or vulnerability”, Mr Shatter said.
The new report concluded it was more likely “that the wifi within GSOC was randomly linking” into a “Bitbuzz” public network available in an Insomnia coffee shop in a Spar outlet on the ground floor of the building occupied by the GSOC in Dublin city centre.
A phone call rang the number immediately after a check signal was transmitted through it. Verrimus said the likelihood of this being a coincidence was “close to zero” and checks with telecom companies were unable to reveal the source of this call.
But while Mr Shatter said he appreciated that the GSOC relied on the reports it received from Verrimus, he “cannot ignore the report I received from the company asked to conduct a peer review of the technical documentation furnished by GSOC to me and the information accompanying it”.
This new information, along with the “ongoing nature of this controversy”, led him to establish a public inquiry. However, Sinn Féin’s Jonathan O’Brien said “entrusting the terms of reference to Minister Shatter would be like allowing the fox to design the chicken coop”.