Page 2 - AT
P. 2
A2 UP FRONT
Friday 9 November 2018
In online ruse, fake journalists tried to hack Saudi critic
By RAPHAEL SATTER watchdog Citizen Lab re- into his head," Scott-Railton
AP Cybersecurity Writer cently reviewed AlAhmed's said.
WASHINGTON (AP) — emails and confirmed they As a critic of Saudi Arabia's
Hackers impersonating were malicious — although ruling family, AlAhmed has
journalists tried to intercept he stopped short of draw- been a regular on Ara-
the communications of a ing a link between the dif- bic and English-language
prominent Saudi opposition ferent messages or blam- cable news for more than
figure in Washington, The ing anyone for the hacking a decade. He has long
Associated Press has found. campaign. served Washington journal-
One attempt involved the "This was a targeted opera- ists as a source about the
fabrication of a fake BBC tion designed to gain ac- kingdom's problems, espe-
secretary and an elabo- cess to his accounts and cially in relation to extremist
rate television interview re- private communications," propaganda in the coun-
quest; the other involved said John Scott-Railton, try's school textbooks.
the impersonation of slain whose group is based at Saudi Arabia is a known
Washington Post columnist In this Oct. 26, 2018, photo Ali AlAhmed poses for a photograph the University of Toronto's practitioner of cyberespio-
Jamal Khashoggi to deliver in his office in Washington. Munk School of Global Af- nage. The country was ex-
a malicious link. Associated Press fairs. "This does appear to posed as a customer of no-
Media rights defenders de- be closely linked to his po- torious Italian surveillance
nounced the hacking ef- someone posing as a BBC the Editor In Chief," a title litical activities." firm Hacking Team in 2015
fort, which they said would journalist called "Tanya Sta- that didn't correspond to a Some of the messages and a mysterious Saudi in-
make it harder for genuine lin" emailed Washington- job typically done by pro- — like a prompt to install vestor has since taken a mi-
reporters to do their jobs. based Saudi dissident Ali ducers or bookers. Odder a "free security update" nority stake in the compa-
"It's incredibly dangerous AlAhmed inviting him to a still, the message came called "Ninja security" — ny, according to a Mother-
to employ this kind of tac- live broadcast about Sau- over Gmail rather than from were generic phishing mes- board report published this
tic," said Elodie Vialle, who di Arabia. Stalin engaged an official BBC address. sages of the type used by year. Recent reports by Cit-
heads the technology desk with AlAhmed over several And then there was her criminals and spies the izen Lab and human rights
at Paris-based Reporters days, sending him a list of eyebrow-raising last name. world over. But many of the group Amnesty Internation-
Without Borders. "The chill- proposed topics and talk- "The Stalin business threw 40-odd malicious messages al have also documented
ing effect is that people ing him through the logistics me off," AlAhmed said in a recovered from AlAhmed's the use of Israeli-made spy
are deterred from speaking of his purported television recent interview. "I asked inbox were closely attuned software to break into the
to journalists. In the end, it appearance. my wife, who is Russian, to current events in the smartphones of Saudi hu-
undermines the freedom of AlAhmed said he knew and she said: 'No one has Gulf. man rights activists, includ-
information." from the beginning that this name.'" Most troubling was a May ing Canada-based Omar
The most involved mas- something was up. AlAhmed was right. The 31 message dressed up to Abdulaziz, who was work-
querade took place in For starters, Stalin said her BBC said it wasn't aware of look like it came from an ing with Khashoggi on sev-
February of this year, when position was "Secretary to anyone called "Tanya Sta- event photography ser- eral confidential projects
lin" working for the broad- vice, complete with pic- before the columnist was
caster and that the title she tures of AlAhmed holding a killed.
claimed to hold did not for- microphone during a ques- Whoever is behind the bo-
mally exist. An Associated tion and answer session gus Tanya Stalin persona or
Press analysis of her mes- featuring the Qatari foreign the fake Jamal Khashoggi
sages suggests the inter- minister at the American emails, the messages give
view request was a sloppily Enterprise Institute in Wash- an idea of how the always-
executed trap, an attempt ington. fraught overlap between
to get AlAhmed to click a The photos, which appear espionage and journalism
malicious link and break to have been pulled off a has evolved in the inter-
into his inbox. publicly available video of net age, with government-
AlAhmed believes Saudi the event, suggest that the backed hackers routinely
Arabia is behind Stalin's hackers or someone work- impersonating journalists or
emails, as well as dozens of ing with them had been news organizations to hunt
other suspicious messages tracking AlAhmed's where- their prey. Even the FBI has
he has received over the abouts closely. impersonated reporters
past year. One November "That email was really when to hack its targets, at one
2017 missive purportedly I felt fear," said AlAhmed, point pretending to be an
came from Khashoggi, who says his work is largely AP journalist to locate a
whose killing last month on self-funded. "They are actu- bomb threat hoaxer's com-
the grounds of the Saudi ally physically here. They're puter.
Consulate in Istanbul has looking at me." Scott-Railton explained
refocused international at- Scott-Railton said the per- that masquerading as a
tention on the brutality of sistence of the hackers — journalist was a perfect
the Arab kingdom's leader- and the variety of different way of getting someone to
ship. tactics they employed to lower their guard and click
The Saudi Embassy in Wash- try to pry open AlAhmed's a link or open an attach-
ington did not return writ- inbox — pointed to a ment.
ten questions from the AP. manpower-intensive effort "It ticks all kinds of boxes," he
Washington Post Executive to compromise the Saudi said. "It explains messages
Editor Marty Baron said the gadfly. out of the blue and as part
hackers' theft of Khashog- "Over an extended pe- of communications with
gi's identity was "contempt- riod of time, humans were journalists you'd expect to
ible." tasked with getting into receive documents, like
A researcher with internet his computer and getting questions in advance."q
