Treasury “hack” - not likely at all
The claim that the budget information leaked to the National Party is the result of Treasury being hacked is looking for a culprit that doesn’t exist, claims Bruce Armstrong from Darkscope.
Claims from the head of Treasury, Gabriel Makhlouf, that 2000 attempts in 48 hours as proof that their systems were hacked clearly shows their lack of cyber security awareness. There are nearly one billion website breach attempts blocked every day across the world – it is far more common than most people expect. The 1000 attempts per day is simply “white noise” on the Treasury site.
Darkscope’s baseline scan of cyber-attack activity in the New Zealand government sector shows that government agencies are always ‘under attack’ by mainly foreign attackers. An attack rate of 1000 attempts in a day is at the very light end of the spectrum.
“A more likely scenario is that someone used a spider or crawler program to find ‘hidden’ content in the Treasury website (which is not considered a cyber-attack) and may have found the Budget 2019 files which were not protected properly at that stage.” says Joerg Buss, Darkscope’s Technical Director.
It is our conclusion that Treasury was not hacked, but it is possible that the information leaked from the webpage because of a human error.