Representational image | Photo: Flickr
Representational image | Photo: Flickr
Text Size:

Washington: If it turns out that Saudi Arabia hacked into the phone of Amazon.com Chief Executive Officer Jeff Bezos, as investigators have alleged, the oil rich nation likely utilized its preferred method of cyber espionage: outsourcing.

While countries like Russia, China and North Korea have invested in developing powerful, tailored cyber weapons, Saudi Arabia has instead opted to purchase them, according to experts and former government officials.

The Middle Eastern nation’s cyber arsenal is believed to be primarily composed of outsourced espionage tools, which it has combined with disinformation tactics on social media, they said.

These purchased weapons can be “highly sophisticated, but of limited scope,” according to Jon Bateman, a cybersecurity fellow at the Carnegie Endowment for International Peace. While Saudi Arabia has tools that can be technically complex, countries that have invested in developing indigenous offensive and defensive capabilities — such as Saudi Arabia’s Middle Eastern neighbors Iran and Israel — possess a greater range of cyber weapons and tactics, he said.

Nevertheless, Saudi Arabia’s purchased tools are an effective way for the regime to exert control, allegedly deploying these tools to spy on Saudi dissidents and journalists, according to experts.

The Embassy of Saudi Arabia didn’t immediately respond to a request for comment sent through its website form. Last week the Embassy denied involvement in the Bezos incident.

In recent years, as cyber actors have generally grown more sophisticated, so have the tools for sale, said Andrew Grotto, a fellow at Stanford University who served as the senior director for cybersecurity policy on the National Security Council from late 2015 to mid-2017.

We are deeply grateful to our readers & viewers for their time, trust and subscriptions.

Quality journalism is expensive and needs readers to pay for it. Your support will define our work and ThePrint’s future.

SUBSCRIBE NOW

The purchase of cyber weapons — including from marketplaces in the Middle East and Europe, and possibly from criminals — isn’t unique to Saudi Arabia, experts say. Other countries, such as Vietnam and the United Arab Emirates, have also utilized their defense budgets to outsource cyber arsenals.

The embassy of Vietnam didn’t immediately respond to a request for comment, nor did the UAE embassy.


Also read: Bezos phone hack: Why Saudi crown prince MBS needs cyberweapons


Estimates for the start of Saudi Arabia’s purchasing of cyber tools range anywhere from half a decade to two decades ago, with the country appearing to focus on surveillance activities. While cyber tools can be used to delete or alter data, hold systems hostage and disrupt traffic, Saudi Arabia has primarily focused on using them for spying, the experts said.

As Saudi Arabia has purchased offensive capabilities, the country’s defenses have also been put to the test, experts said. For example, a dramatic cyber-attack — believed to be sponsored by Iran — devastated the computers of the state oil company, Saudi Aramco, in 2012.

These allegedly weak defenses can be problematic for American interests, as attacks on allies can be used as an indirect way to impact the U.S., said James Lewis, senior vice president at the Center for Strategic & International Studies.

“The Saudis are not that sophisticated in their cyber capabilities and that has been a problem for the U.S.,” Lewis said. “What they are sophisticated in is the ability to buy outside capabilities.”

In addition to purchasing cyber capabilities, Saudi Arabia has also become adept at deploying disinformation campaigns to promote national interests, according to experts.

For example, in August, Facebook Inc. removed hundreds of government-linked accounts and pages engaged in a sophisticated and wide-reaching influence campaign that praised the regime and criticized neighboring countries. Two months later, Twitter Inc. removed thousands of state-backed accounts based in Saudi Arabia — suspending tens of thousands of others — which manipulated the platform in order to promote Saudi Arabia’s geopolitical interests and amplify support for its authorities.

The spyware allegedly used to hack Bezos’s phone was “developed and marketed by a private company and transferred to a government without judicial control of its use,” according to two United Nations special rapporteurs, in a statement last week. The alleged purpose was to “influence, if not silence,” coverage of the Saudi regime by the Bezos-owned Washington Post, according to the rapporteurs.

“The intrusion likely was undertaken through the use of a prominent spyware product identified in other Saudi surveillance cases,” such as tools purchased from Israel’s NSO Group or Italy’s Hacking Team, according to the statement.

The allegations come following a December 2018 suit, in which Saudi dissident Omar Abdulaziz alleged NSO Group software enabled Saudi Arabia to hack his phone and track his communications with Jamal Khashoggi, a Washington Post journalist, and Saudi insider-turned-critic, who was slain by agents of the Saudi government, according to the U.S..

Memento Labs, which acquired Hacking Team last year, didn’t immediately respond to request for comment; it has previously denied any involvement in the Bezos incident. An NSO Group representative referred to a statement published on its website: “We can say unequivocally that our technology was not used in this instance.” Regarding the lawsuit, a NSO Group spokesman said, “Khashoggi was not targeted by any NSO product or technology.”

In a manner typical of Saudi’s digital operations, the murder of Khashoggi was followed by a “massive online campaign” that targeted Bezos’s business interests on social media, according to the U.N. rapporteurs. The following month, in November 2018, “Boycott Amazon” trended as the top hashtag on Saudi Twitter, they said.- Bloomberg


Also read: Modi and MBS, the two wrong foreign leaders Jeff Bezos befriended


 

Subscribe to our channels on YouTube & Telegram

News media is in a crisis & only you can fix it

You are reading this because you value good, intelligent and objective journalism. We thank you for your time and your trust.

You also know that the news media is facing an unprecedented crisis. It is likely that you are also hearing of the brutal layoffs and pay-cuts hitting the industry. There are many reasons why the media’s economics is broken. But a big one is that good people are not yet paying enough for good journalism.

We have a newsroom filled with talented young reporters. We also have the country’s most robust editing and fact-checking team, finest news photographers and video professionals. We are building India’s most ambitious and energetic news platform. And we aren’t even three yet.

At ThePrint, we invest in quality journalists. We pay them fairly and on time even in this difficult period. As you may have noticed, we do not flinch from spending whatever it takes to make sure our reporters reach where the story is. Our stellar coronavirus coverage is a good example. You can check some of it here.

This comes with a sizable cost. For us to continue bringing quality journalism, we need readers like you to pay for it. Because the advertising market is broken too.

If you think we deserve your support, do join us in this endeavour to strengthen fair, free, courageous, and questioning journalism, please click on the link below. Your support will define our journalism, and ThePrint’s future. It will take just a few seconds of your time.

Support Our Journalism

Share Your Views

LEAVE A REPLY

Please enter your comment!
Please enter your name here