Cortex analysts can read private emails

  • 03/10/2015
Cortex analysts can read private emails

By Paul Purcell

New Zealanders working at companies and government agencies that deploy the Cortex cyber-security defence system could have their personal emails read by GCSB analysts.

But the chances of it happening are minuscule, according to the spy agency's acting director Una Jagose.

The Cortex system aims to counter advanced cyber threats and provide malware detection services to government agencies and organisations dealing with "critical national infrastructure".

The bulk of the screening is done by computers, but Ms Jagose says analysts look at private internet traffic in 0.005 percent of cases.

"Most steps are taken in a mechanised way so the system itself can identify the malware, identify the fingerprint and either block or defend block or identify," she told The Nation today.

"Our experience tells us that in about 0.005 percent of instances of data does the machinery throw up a question that can't be answered by the system itself, and so an analyst will have to look at it in order to see what is this malware, is it new, is it something we haven't identified yet."

"The analyst is looking at it not for its content but for what the email and the traffic tells us about the fingerprint or the adverse attack that is occurring."

Despite the controls in place, analysts still have the capacity to see communication content if they want to but are required to document all the steps they have taken in order to justify their actions.

The author and recipient of the email will be unaware their correspondence has been looked at.

Companies and agencies that use Cortex will inform employees that their communications can be monitored by the GCSB.

But the information could be hidden in the term of conditions of internet use.