Report on anomalies ‘wholly inaccurate’, says Verrimus

The British security firm which carried out a surveillance sweep at the Garda Ombudsman’s offices yesterday described reports regarding two of the three “technical anomalies” it detected as “wholly inaccurate”.

Verrimus issued a statement after the Irish Independent published what it described as “revelations”, in which it stated two of the anomalies could be innocently explained.

The story said an external wi-fi that was connected with a wi-fi device within GSOC was simply a coffee shop wi-fi located in a premises partly underneath the ombudsman’s offices.

It said the external wi-fi was not a potential threat, as identified by Verrimus.

Secondly, the report stated that the detection of a British 3G mobile network came from the mobile phones of Verrimus’s own experts.

In a response, Verrimus said the reports were “wholly inaccurate”.

It said: “A mobile phone cannot create a 3G base station, so it is impossible that Verrimus operators’ phones were the source.”

It said the 3G base station created a fake mobile country code and fake mobile network code, which it said was detected.

In the report — compiled by GSOC for the Oireachtas — it said that this device was an International Mobile Subscriber Identity catcher.

It simulated a British mobile phone network and picked up British phones registered to that network.

Once connected phones on that network can be forced to disable call encryption, making the call data vulnerable to interception and recording.

The report said Verrimus indicated this level of technology was “only available to Government agencies”.

In relation to the wi-fi, the firm said that any such device which sits on a secure internal wireless network “should not be attached and communicate with any device outside its own network” — meaning the GSOC wi-fi should not have been connected with the external wi-fi detected in the sweep.

The company said that if it was connected, this would enable information to be transmitted outside the secure network “to the person or organisation that forced the device to function outside of its secure network”.

In the GSOC report, the company said the wi-fi in the GSOC boardroom had a password and that without this password, it should not have been able to connect with the external wi-fi.

The report said GSOC did not have this password and that it never activated the device. “Its connection to an external network was, therefore, a concern,” the GSOC report said.

GSOC yesterday issued a statement in which it repeated the findings of the report and referred commentators to the Verrimus statement.

More on this topic

Gsoc probes garda’s claims of pub law abusesGsoc probes garda’s claims of pub law abuses

Parallel investigations by gardaí and GSOC into Dublin road fatality Parallel investigations by gardaí and GSOC into Dublin road fatality

GSOC investigated 49 whistleblower complaints last yearGSOC investigated 49 whistleblower complaints last year

GSOC examining circumstances surrounding death of man after Midland Regional Hospital incidentGSOC examining circumstances surrounding death of man after Midland Regional Hospital incident


He thought ‘Line of Duty’ would last just one season. Instead, it propelled him to international success. Ahead of the return of the acclaimed drama ‘Blood’, Adrian Dunbar tells Ed Power why it still feels like a dreamAdrian Dunbar: ‘I just got very lucky’

More From The Irish Examiner