Hacking scandal threatens to upend NZ election

There’s a very techie election year yarn spinning out across the Tasman, with a heady mix of dodgy politicians, attack bloggers for hire, PR spin doctors and hackers leaking emails that allege some seriously dirty dealings on a scale that New Zealand has not seen before.

The emails were taken from right-wing blogger Cameron Slater, a.k.a. Whale Oil earlier this year, and formed the basis of investigative journalist Nicky Hager’s recently released book, Dirty Politics.

In the book, Hager cites email conversations between Slater, PR operatives, Tory politicians and ministers as part of multiple campaigns against political opponents, civil servants, media, and even members of the ruling centre-right National Party.

Hager’s source for the emails is a hacker who calls himself “Rawshark”, possibly as a tribute to comics writer Alan Moore’s vigilante character Rorschach in the Watchmen, who claims not tgo be a political operative.

All in all, around eight gigabytes worth of emails were taken from Slater, and copied onto a USB memory stick that was mailed to Hager.

Their contents have upended what otherwise looked like a staid and unexciting New Zealand election. 

A staffer in Prime Minister John Key's office has been linked to Whale Oil hatchet jobs but so far, the most explosive leaks have centered on National Party member of Parliament Judith Collins. 

Collins had to resign as the minister of justice this weekend, as further emails connected her to a campaign involving Slater and others, which sought to discredit the then head of the Serious Fraud Office.

The campaign was allegedly paid for by a financier under investigation by the SFO for his role in a venture that saw investors lose hundreds of millions of dollars. Collins was the minister responsible for the SFO at the time and the whole scandal is likely to be scrutinised by a commission of inquiry and possibly the police as well.

Operating under the @Whaledump Twitter account, the hacker is continuing to dump messages online and also to release more information to New Zealand media.

How Rawshark got hold of the emails isn’t clear. They are mostly Gmail conversations and Facebook messages, suggesting that Slater’s personal computer and accounts were compromised. There have been conflicting reports the messages were obtained during a denial of service on the Whale Oil blog website.

There is no indication that Rawshark managed to somehow hack Gmail (or Facebook) and technical details around how the emails went astray have not been published.

As for the hacker, Rawshark’s identity remains a mystery.

There’s even a dash of Dotcom in the story: Slater has fingered Kim Dotcom as being responsible for the lifting of the emails; the two are bitter enemies and have waged war on social media against each other. Dotcom denies it is his doing.

While Slater and the National government are desperately downplaying the significance of the leaked emails as private conversations and braggadocio, the general public is less than impressed by the overall message they convey.

Up until a few weeks’ ago, the election looked like a total slam dunk for the National Party which has been riding a strong economic recovery to place ahead in the polls. But after Hager’s book and the leaked emails that followed it, National and prime minister John Key have taken a drubbing in the polls.

The take-home message for any business or government from the whole affair is that open email is no place for secret, sensitive information, no matter how convenient and fast it might be.

Email continues to be treated as an impenetrable private vault - and on that basis, this won’t be the last leak of sensitive messages we’re likely to see.

It’s literally the hacking the Kiwi election of 2014 and will no doubt become a case study in why encrypted, secure email is important - for the wrong reasons.  

My take? If you’re going to play dirty, best not do it in open emails.