The hackers did it

If you’re on this blog (why?) you’ve probably realised I’ve got an interest in infosec. If not, go look at the hacking section of this blog and then come back here.

We’ve probably got a federal election coming up soon; the Prime Minister was in town the other day giving $6M to the Brave Foundation; no doubt a worthy cause. The Founding director and chief executive Bernadette Black was a former Liberal candidate for the Federal election in 2013 and later sought preselection for the seat of Franklin before withdrawing to concentrate on the Foundation.

Seeing Ms Black on the news, along with the newly announced Liberal candidate for Lyons reminded me of the former Liberal candidate for Lyons Jessica Whelan, who resigned from the party following accusations that she had made Islamophobic comments on Facebook, a claim which she denied. An interesting angle to this story, and where my interest comes in, was in claims that Ms Whelan’s account was ‘hacked’ and that images were digitally manipulated. Specifically, from here:

A Liberal candidate’s claim that a lewd Facebook post about feminists was doctored would be investigated by federal police, Prime Minister Scott Morrison said.

Jessica Whelan, the Liberal candidate for Lyons in Tasmania, claims a Facebook post showing her saying of American feminists: “Round them up Donald, cut their clitorises off and sell them to Muslims in Muslim countries and cancel their passports. You’ll make a mint,” was digitally manipulated.

Yikes. I wouldn’t want my name on that either. Anyway. Scott Morrison was reported as saying:

“The imagery that we have found, that has been presented to us, appears to have been doctored,” he said.

“And so that is a matter that is being referred, I should say, to the Australian Federal Police. And this is a matter that will be subject to an investigation.

The ABC reported the press conference with Mr Morrison:

He said it was possible her social media account was hacked, hence the referral to police for investigation, and refused further comment

Anyway, Ms Whelan denied making the comments but later resigned from the party. The Guardian reported that:

Documents obtained by Guardian Australia under freedom of information reveal the AFP was keen to follow up on the case but did not get a referral from Whelan after she parted ways with the Liberal party.

It appears the AFP’s assessment for investigation was not focused on whether the images were doctored but if Whelan’s account had been hacked.

The emails show the AFP was keen to keep chasing the case but had no luck getting Whelan to refer it.

For her part, Ms Whelan said:

“As far as I’m concerned I didn’t make that post, an IT expert has provided me with a report stating it appeared to have been digitally manipulated,” she said. “I have moved on with my life. For now I’m focusing on my role as Brighton councillor.”

So we have inappropriate Facebook commentary; the spectre of hackers and digital manipulation raised by the accused; a resignation from the party and then the investigation was quietly dropped. I wonder if this has happened before?

As if it would have happened before

In 2016, the Twitter account of then Treasurer Scott Morrison ‘liked’ an opinion piece about human rights abuses in China. Buzzfeed reported that:

A spokesperson for the treasurer told BuzzFeed News that it believes someone had hacked his Twitter account and liked the tweet.

“We’re investigating. There was absolutely no intention behind it,” said the spokesperson.

And Mr Morrison sent the following tweet:

It appears my twitter account may have been accessed by someone unauthorised to do so. This has been rectified.
4:57 PM · Apr 13, 2016·Twitter for iPhone

I don’t know what happened after that; I guess he changed his password.

Fool me twice, something something

“There’s an old saying in Tennessee—I know it’s in Texas, probably in Tennessee—that says, ‘Fool me once, shame on…shame on you. Fool me — you can’t get fooled again.’”
George W Bush September 17, 2002

In 2017, the Australian Ambassador to the United States Joe Hockey blamed hackers for … wait for it … liking a tweet.

The tweet in question? It was from The Kouk, and it was calling Malcolm Turnbull a ‘cranky prick’. The SMH reported:

But on Tuesday morning, Mr Hockey said: “Don’t get too excited. It looks like I have been hacked. AFP now investigating.”

I don’t know how that AFP investigation turned out either. Anyone else know?

Christopher Pyne

Everyone remembers this one, right?

Also in 2017, then Defence Minister Christopher Pyne claimed his Twitter account was hacked after:

Mr Pyne’s account “liked” a raunchy video from account “XxxPornGay” in the early hours of Thursday morning

Mr Pyne responded:

I was hacked overnight! I was 😴 at 2am. Someone tried to hack my social media yesterday. Maybe they are making mischief over the plebiscite?

The SMH said:

It remains unclear why a hacker would use access to a government minister’s social media account exclusively to like a single pornographic post in the dead of night.

Labor dropped calls for an inquiry after a Government briefing reassured them that there were no national security concerns.

Shenanigans and hijinks

Aren’t those hackers a wacky bunch? Pwning social media accounts of senior members of the government and random candidates in order to embarrass them by liking tweets or posting comments on social media. Shenanigans!

I was also reminded of this stuff when Peter Gutwein responded to a question from Emily Baker during the recent state election campaign about an image of a dating profile belonging to Terry Brooks:

Shown one of the dating profiles by the ABC at a press conference this week, Mr Gutwein suggested the reporter may have “tricked it up”.

That’s a big oof. Hopefully Mr Gutwein has since quietly apologised for that one.

Let’s hope those wacky hackers don’t get up to any more mischief in the next federal election :)