Hacking of Qatar website was ‘planned in advance’

Image for post
Image for post
Yesterday’s press conference in Doha

It’s increasingly clear that the hacking incident last May which created a pretext for the Saudi-Emirati confrontation with Qatar was not a random attack: it had been carefully planned and took more than a month to prepare. This is a significant development because it suggests that the resulting international crisis, far from blowing up unexpectedly, had also been planned in advance.

At thirteen minutes past midnight on May 24, an item appeared on the website of the government-run Qatar News Agency (QNA) purportedly quoting inflammatory remarks from a speech the emir had supposedly made at a military ceremony the previous day. The account was fictitious, and numerous witnesses have confirmed that although the emir did attend the ceremony he gave no speech.

Despite Qatar’s protestations that the website had been hacked and the report was a fake, Saudi and Emirati media insisted the report was true and used it as the excuse for an unprecedented propaganda campaign against Qatar. The Saudi and Emirati governments, backed by Bahrain and Egypt, then imposed sanctions on Qatar which amount to an economic siege.

In June, Qatar’s interior ministry announced that investigators assisted by the FBI and Britain’s National Crime Agency (in accordance with pre-existing cooperation agreements) had confirmed the hacking.

On Sunday, citing unnamed US intelligence officials, the Washington Post reported that the UAE had orchestrated the hacking. It said:

“Officials became aware last week that newly analysed information gathered by US intelligence agencies confirmed that on May 23 [the day before the hacking], senior members of the UAE government discussed the plan and its implementation. The officials said it remains unclear whether the UAE carried out the hacks itself or contracted to have them done.”

The UAE, not surprisingly, denies this.

Yesterday, Qatar’s interior ministry said it had further evidence of an Emirati connection: an IP address linked to the hacking had been traced back to the UAE. Qatar did not directly blame the Emirati government but one Qatari official told al-Jazeera the level and the quality of the hacking was so professional that it had to have “state resources” behind it.

According to the Qataris, hackers initially gained entry to QNA’s computer system on April 19 — more than a month before the fake news report appeared. Whoever broke into the system did so remotely (not from a computer in QNA’s office) and is said to have installed “malicious programmes”.

Qatari officials haven’t said exactly what these programmes were but it appears that the main purpose was to acquire the login details for all QNA staff — including their passwords. Once armed with that information, hackers would be able to use QNA’s editorial system, and post stories, in the same way as its journalists.

According to Ali Mohammed al-Mohannadi, head of the interior ministry’s technology division, “The hackers had total control of the QNA network, including the related accounts, websites and related social platforms.”

Doha News reports that the hackers made a final preparatory check of the system on May 20 — just as Donald Trump was about to arrive in Saudi Arabia for what became known as the Islamic-American Summit.

Mischief-making on the internet has become a common feature of political battles in the Middle East (see previous blog post) but the QNA hacking affair is the first in the region to have major international repercussions.

Another incident last week was a fake news item about Qatar which succeeded in fooling Reuters news agency and many news organisations which subscribe to its service. On July 15, Reuters circulated this story:

The six Arab countries who last month cut ties with Qatar are reported to have written to world soccer’s governing body Fifa to demand it be stripped of hosting the 2022 World Cup because they consider the Gulf state to be a “base of terrorism”.

Fifa president Gianni Infantino told Swiss website The Local that Saudi Arabia, Yemen, Mauritania, the United Arab Emirates, Bahrain and Egypt had collectively written to Fifa asking it to remove Qatar as hosts under Article 85 of the Fifa Code, which allows for such action in the case of emergency.

“The countries warned Fifa of the risks threatening fan and player security in a country that is ‘the base and the castle of terrorism’,” The Local quoted Infantino as saying.

Infantino also said the countries have threatened to boycott the tournament should their request not be acted upon.

Reuters has not seen a copy of the letter and Fifa did not respond to a request for confirmation.

Fifa later denied receiving any such letter and Reuters withdrew the story.

It also emerged that the original story had not been published on The Local’s website but on a fake website (newly-registered in Hawaii) which had been designed to look like The Local.

Earlier this month, Saudi Arabia claimed to have identified 23,000 Twitter accounts which it said were “driven by Qatar” and aimed at encouraging revolution in the kingdom.

Originally published at al-bab.com.

Former Middle East editor of the Guardian. Website: www.al-bab.com. Author of 'Arabs Without God'.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store