WASHINGTON – A group of American hackers who once worked for U.S. intelligence agencies helped the United Arab Emirates spy on a BBC host, the chairman of Al Jazeera and other prominent Arab media figures during a tense 2017 confrontation pitting the UAE and its allies against the Gulf state of Qatar.
The American operatives worked for Project Raven, a secret Emirati intelligence program that spied on dissidents, militants and political opponents of the UAE monarchy. A Reuters investigation in January revealed Project Raven’s existence and inner workings, including that it surveilled a British activist and several unnamed U.S. journalists.
The Raven operatives — who included at least nine former employees of the U.S. National Security Agency and the U.S. military — found themselves thrust into the thick of a high-stakes dispute among America’s Gulf allies. The Americans’ role in the UAE-Qatar imbroglio highlights how former U.S. intelligence officials have become key players in the cyberwars of other nations, with little oversight from Washington.
The crisis erupted in the spring of 2017, when the UAE and allies — including Saudi Arabia and Egypt — accused Qatar of sowing unrest in the Middle East through its support of media outlets and political groups. The UAE camp demanded Qatar take a series of actions, including shuttering the Qatar-funded Al Jazeera satellite television network, withdrawing funding from other media outlets Doha supports, and cracking down on the Muslim Brotherhood, an Islamic movement some Arab governments regard as a threat.
In June 2017, the UAE camp severed diplomatic ties with Qatar and imposed an air, land and sea blockade against the tiny nation. It was an unprecedented confrontation among Arab countries that had historically prized consensus.
That week, Project Raven operatives sprang into action, launching operations to break into the Apple iPhones of at least 10 journalists and media executives they believed had connections to the Qatari government or the Muslim Brotherhood, according to program documents reviewed by Reuters and four people involved in the activities.
Raven targeted Arab media figures who spanned a range of political thought — from a Beirut-based BBC host to the chairman of Al Jazeera and a producer from a London satellite channel founded by a member of the Muslim Brotherhood.
The goal, the former Raven operatives said, was to find material showing that Qatar’s royal family had influenced the coverage of Al Jazeera and other media outlets, and uncover any ties between the influential TV network and the Muslim Brotherhood. Reuters couldn’t determine what data Raven obtained.
Al Jazeera has long maintained it is independent from Qatar’s government. Jassim Bin Mansour Al-Thani, a media attache for Qatar’s embassy in Washington, said “the government of Qatar does not request, ask, or enforce on Al Jazeera any agenda whatsoever.” Al Jazeera “is treated like any other respected media outlet.”
The UAE Ministry of Foreign Affairs and its embassy in Washington did not respond to requests for comment. The NSA declined comment. A Department of Defense spokeswoman declined comment.
Dana Shell Smith, the former U.S. ambassador to Qatar, said she found it alarming that American intelligence veterans were able to work for another government in targeting an American ally. She said Washington should better supervise U.S. government-trained hackers after they leave the intelligence community.
“Folks with these skill sets should not be able to knowingly or unknowingly undermine U.S. interests or contradict U.S. values,” Smith told Reuters.
Among the Arab journalists hacked, Raven project documents show, was Giselle Khoury, Beirut-based host of BBC Arabic’s “The Scene,” a program that interviews Middle Eastern leaders on current events. Three days after the blockade began, Raven operatives hacked her iPhone. Raven program documents show she was targeted because of her contact with Azmi Bishara, a Doha-based writer who has been critical of the UAE and founded the news outlet Al-Araby Al-Jadeed.
“They need to spend their time on making better their country, their economy,” Khoury said in an interview after Reuters informed her of the hack. “Not on having Giselle Khoury as a hacking target.”
On June 19, 2017, Americans working for Raven targeted Faisal al-Qassem, host of a popular Al Jazeera show called “The Opposite Direction,” interviews and documents show.
The show features guests who heatedly debate controversial topics such as corruption in Middle Eastern governments. Informed by Reuters about his hacking, al-Qassem said he was not surprised he was targeted by the UAE, which he accuses of being “a symbol of corruption and dirty politics.”
“In a word, they are afraid of the truth,” he said.
That same day, Raven operatives targeted the iPhone of Al Jazeera’s chairman, Hamad bin Thamer bin Mohammed Al Thani. Through an Al Jazeera spokesman, Al Thani declined comment.
The attacks utilized a cyber weapon called Karma. As Reuters reported in January, Karma allowed Raven operatives to remotely hack into iPhones by inputting a target’s phone number or associated email address into the attack software. Unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, they said. Apple declined comment.
Karma provided Raven operatives access to the contacts, messages, photos and other data stored on iPhones. It did not allow them to monitor phone calls.
While Raven operatives broke into the devices, they did not have full access to the data they collected; they passed the material on to UAE intelligence officials overseeing the operation. It’s unclear what they found.
In January, UAE Minister of State for Foreign Affairs Anwar Gargash was asked by reporters in New York about Project Raven after the initial Reuters report. Gargash acknowledged his country has a “cyber capability” but didn’t specifically address the program. He denied targeting U.S. citizens or countries with which the UAE has good relations.
The UAE created Project Raven in 2009 with the help of American intelligence contractors and former senior White House officials from the George W. Bush administration. The U.S. National Security Council declined comment on Project Raven.
At first, the goal was to crack down on terrorism by helping the UAE monitor militants around the region. But Raven’s mission quickly expanded to include monitoring and suppressing a range of UAE political opponents, the documents show.
Among its targets was Qatar, which the UAE and Saudi Arabia had long accused of fueling political opposition across the region, in part through the Qatari government’s funding of Al Jazeera.
During the Arab Spring protests of 2011, Gulf countries viewed Al Jazeera’s expansive coverage of street demonstrations as a deliberate attempt by Qatar to fuel opposition to their monarchs. “It was seen as a tool to foment popular unrest,” said Elisa Catalano Ewers, a former adviser on the region for President Obama’s National Security Council.
Al Jazeera’s protest coverage “had a huge psychological impact” for demonstrators, said Moncef Marzouki, the former president of Tunisia, who was elected in 2011 after Arab Spring demonstrations ousted long-time ruler Zine al-Abidine Ben Ali. The broadcasts sent a message to protesters that “this battle is happening everywhere, you are not alone.”
Al-Qassem, the host hacked by Raven, said Al Jazeera presents all sides, without censorship. “The street and the Arab people can decide what’s right,” he said.
Wary of the Muslim Brotherhood’s growing influence in the region after the 2011 protests, UAE authorities launched a crackdown on dozens of suspected Islamists, many of whom have been convicted of planning to overthrow the government. In 2014, the UAE formally designated the Brotherhood and local affiliates as terrorist groups.
The Emiratis also tapped Raven in the effort to contain dissent at home, according to former Raven operatives and project documents. In the years after the Arab Spring, the operatives were increasingly tasked with targeting human rights activists and journalists who questioned the government.
In June 2017, after Gulf nations began their blockade of Qatar, the UAE ramped up efforts to spy on journalists seen as tied to Qatar. That month, Project Raven’s Qatar mission expanded from two full-time operatives assigned to the country to seven.
On June 20, Raven operatives hacked into the iPhone of Abdullah Al-Athba, chief editor of Qatar’s oldest newspaper, Al-Arab, program documents show.
In an interview with Reuters, Al-Athba said he believed he was targeted “because I am a supporter of the Arab Spring since the beginning,” who repeatedly criticized the Emiratis for their opposition to the movement.
The Raven effort went beyond the Middle East. Operatives used Karma to target the mobile phones of other media figures the UAE believed were being supported by Qatar, including journalists for London-based Arabic media outlets Al-Araby TV and Al-Hiwar. Both networks televise Arabic language channels popular in the Middle East.
Al-Thani, the Qatari spokesman, said the government does not support Al-Araby TV, Al-Hiwar or Al Arab.
The satellite channel Al-Araby TV and its namesake website are units of London-based Fadaat Media Ltd, owned and supported by Qatari businessmen. The outlet sees itself as the voice of “secular, liberal, pro-democracy” Arabs, said Abdulrahman Elshayyal, director of Al-Araby TV. He and two other Araby employees were hacked in the weeks following the start of the blockade, Raven documents show.
“It’s a very worrying trend that a state is using all these things to spy on people critical of them,” Elshayyal said in a phone interview. “I’m not a terrorist or a money launderer.”
Bishara, the founder of Al-Araby Al-Jadeed, was also targeted by Raven. He told Reuters he regards his outlet as “relatively independent” in the context of the Arab world. “Nobody tells us what to say,” said Bishara, a Palestinian Christian who lives in Qatar, though “sometimes the newspaper might be sensitive about what not to say, because you are not there to provoke the people that finance you.”
Al-Hiwar, another London-based Arabic satellite channel, was targeted by Raven on the day the blockade began. Al-Hiwar founder Azzam Tamimi said he believes the UAE was fearful of his channel’s support for political reform and democratization in the Arab world.
Unlike others caught in the crosshairs of Project Raven, though, Al-Hiwar doesn’t deny being sympathetic to the Muslim Brotherhood, which the outlet supports “because they are the victims,” he said. Tamimi told Reuters he is a longtime Muslim Brotherhood member and a supporter of the Palestinian militant group Hamas.
Tamimi declined to say whether the channel received money from the Qatari government but said he’ll accept any support, provided there’s no strings attached. He said the channel gives voice to a range of opinions and encourages dialogue. But there are limitations.
“The majority of our viewers are Muslim,” he said in a phone interview. “We are not going to market ideas that are alien to our culture. That’s what makes us popular.”