in

Why the Saudi Crown Prince needs cyberweapons

[ad_1]

By Eli Lake

It’s hard to overestimate just how much damage Crown Prince Mohammed bin Salman of Saudi Arabia has done to his country in the last 15 months. Yet it’s also difficult to see how the U.S. can defend its interests in the region without his cooperation.

The damage became visible on Oct. 2, 2018, when a Saudi hit team lured Washington Post columnist Jamal Khashoggi to the Saudi consulate in Istanbul to murder him. The latest revelation is a hacking campaign against Jeff Bezos, the founder and CEO of Amazon.com Inc., who also owns the Washington Post. As a UN report released Wednesday notes: “The information we have received suggests the possible involvement of the Crown Prince in surveillance of Mr. Bezos, in an effort to influence, if not silence, The Washington Post’s reporting on Saudi Arabia.”

A security consultant for Bezos made a version of this claim last year. The UN report fills in more details. It says that Bezos and the crown prince, known as MBS, attended a dinner on April 4, 2018, where the two men exchanged their WhatsApp contact information. On May 1, a video was sent to Bezos from MBS’s account that included malware that allowed the Saudis to keep tabs on his phone. More than six months later, on Nov. 8, MBS trolled Bezos, sending him a photo of a woman that resembled his paramour. This was months before the National Enquirer published a story about Bezos and his extramarital affair.

UN reports are not always reliable, of course. The Wall Street Journal reported last March that the Enquirer got its scoop about the Bezos affair from his lover’s brother, to whom it paid $200,000. That said, the specifics of the report support what’s widely known about the Saudis’ extensive cyberespionage operation. In November, for example, the Justice Department charged two former employees of Twitter and a Saudi national with spying for Saudi Arabia. In October, Facebook sued an Israeli company, alleging it had compromised the accounts of 1,400 users of WhatsApp, which Facebook owns. That company has also sold its products to Saudi Arabia.

The company, the NSO Group, issued a statement Wednesday saying its technology “cannot be used on U.S. phone numbers” and “was not used in this instance.” And the UN report, it should be noted, does not explicitly say that it was, noting that the hack “likely was undertaken” by the use of spyware “such as the NSO Group’s Pegasus-3 malware.”

It’s worth paying attention, however, to something else in the NSO Group’s statement. These kinds of hacks “put a strain on the ability to use legitimate tools to fight serious crime and terror.”

This is an understatement. Saudi Arabia has already shown that it cannot be trusted with powerful cybertools such as those developed by the NSO Group. Technology that is vital to combating jihadist groups should never be used to target dissidents — or the owners of U.S. newspapers, for that matter.

A straightforward response to the latest episode of this Saudi scandal would be to ban any exports of advanced cyberweapons to the regime. And it’s a tempting proposition.

Before Western governments take that step, they might recall that it took years after the Sept. 11 attacks to get Saudi Arabia to fully commit to fighting the jihadist groups its religious leaders had inspired and some of its wealthiest citizens had financed. MBS represents a departure from this double game. His reforms infuriate not just the liberal activists he jails and disappears, but the reactionaries who prospered under the previous system.

If it were just another dictatorship, it would be easy enough to quarantine Saudi Arabia until it reforms. Unfortunately, Saudi Arabia remains a vital partner against Iran and the jihadists in the Middle East. Its enemies are also the West’s enemies. For now, as my Bloomberg Opinion colleague Bobby Ghosh notes, the challenge is to press MBS to stop acting like the thugs he’s fighting.

[ad_2]

Source link

Madonna Madame X tour: Star cancels first London show

Groq launches the first AI accelerator card capable of 1 PetaOPS