OnPoint by Keith Ng



So, I'm not sure about this story. If this group was really on an "international hunt for military secrets", why on earth would they tell everyone about it? More to the point, why would they send out prank emails from McCully's account in the first place?

Wouldn't it have made more sense to sit on this account which they have already compromised and continue to grab information from it? It's unlikely anyone would audit access to an Xtra account - they could have sat on it indefinitely. Hell, they could have set up a mail auto forward and I doubt McCully would've noticed.

Imagine that scene in Mission Impossible, where Tom Cruise sneaks into the CIA mainframe. Imagine if he then takes a dump on the desk. This is kinda like that. Contextually hilarious, but clearly not the behaviour of anyone who's actually trying to steal secrets.

So, here are the emails, put up by @TheComradez (not a Twitter account):


Obviously, I did not put them there. I simply found them after 15 minutes of Googling. Anyone who is paid to look for this stuff would have found it already, so I don't see any point in not linking to them. Also, none of it is classified anyway.

Sorry about the phone numbers, but hey - public interest.

My favourite part of the exchange would have to be when "J" tells McCully:

When you talk next to JA [MFAT Chief Executive John Allen] you could ask:

  1. why do NZDF, NZTE and MFAT run completely different ICT systems offshore?"
  2. Why does MFAT own its entire ICT platform?.is it an IT company?
  3. What % of MFAT's communications are rated confidential or above?  ???.all messages shared with me were over classified.
  1. When GCSB sets the security rules how does it take into account the operational/transactional costs for the affected organisations?
  2. I saw evidence of mindless wasteful  admin crap from wellington and am in no doubt insufficient financial delegation is given to HOM's???JA does not have the system humming as I expect he would have had.

I assume JA will have a pretty good answer for those first four questions now.

J's full name and email were redacted from the email. Which begs the question: Why would a Russian hacker redact the identity of someone who's on pretty chummy terms with McCully? "J" seems like a Kiwi, is obviously very close to the action, but surely, no career diplomat writes that badly, right? The remaining list of names must be pretty short.

[UPDATE: Popular theory (2 out of 2) so far is that "J" is John Hayes. I really can't see any reason to redact his name. Maybe they're just fucking with us?]

I'm sure MFAT staff will find it very interesting who McCully gets his advice from. Would be nice if you could let me know. Safest way would be to email me through the PA website (the "Email" button below), but don't do it at work, and use Tor or a VPN first. If you don't know how to do this, just go to an internet cafe.


Another interesting breadcrumb is this.

3 days prior this story, someone - presumably the same person - posted parts of the emails online. Was it a show of "I've got the goods"? Were the emails posted elsewhere, and "Comradez" simply got them second-hand?

Wild conspiracy theories welcomed.

Also, this is relevant (from SMBC):

33 responses to this post

First ←Older Page 1 2 Newer→ Last