Content

American hackers among Project Raven operatives spying on media, dissidents for UAE

Project Raven hackers, formerly members of the U.S. intelligence community, spied on members of the Arab media, including a BBC host and the chairman of Al Jazeera, on behalf of the United Arab Emirates (UAE) as the UAE squared off against Qatar in 2017.

The UAE and its allies had pressed Qatar to shut down the Al Jazeera TV network, claiming the Gulf state’s support of media and dissidents was contributing to unrest in the region. The UAE’s Project Raven intelligence program, aimed at spying on opponents of the UAE's monarchy, used at least nine U.S. operatives to hack the Apple iPhones of at least 10 journalists and media executives with purported links to Qatar’s government or the Muslim Brotherhood, according to a Reuters report.

“Incidents of cyberwarfare between nation-states are becoming more visible as these attacks escalate and media outlets investigate reported events,” said Moss Adams Senior Director of Cybersecurity Nathan Wenzler, who expects an uptick in the number of events as countries increasingly rely on technology to function.

“Moving from traditional (and very public) battlefields and focusing on obfuscated cyberattacks has, more and more, become the norm for aggressor nations” that are using tactics similar to “traditional military strategies such as striking infrastructure or power grid targets, to using external groups to conduct operations in order to create a layer of obfuscation as to who is the source of an attack,” Wenzler said.

While nations have improved their cyberwarfare acumen and safeguarding “against their own assets who may leave and work elsewhere,” Wenzler said there’s still much work to be done.

“We see the same problems in the corporate world from insider threats or employees leaving a company and taking intellectual property with them,” he said. “Governments must take the same kinds of steps to ensure that intelligence and information assets not exfiltrate any protected, secured information when they go, but that they also don’t end up on the other side of the cyberwarfare arena.”

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.