Saudi Arabia Paid Twitter Staff to Spy on Dissidents, Alleges DoJ

The U.S. Justice Dept. says two ex-employees of Twitter were paid by the Kingdom of Saudi Arabia to steal user data. Targets might have included journalist Jamal Khashoggi—later assassinated by Saudi operatives.

This is the latest shoe to drop in the state spying scandal that in 2015 caused Twitter to warn thousands of users they might be targets. What’s next?

Twitter’s response is, frankly, obfuscatory. In today’s SB Blogwatch, we ponder the sorry state of the world.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: It Ain’t Me.


What’s the craic? Ellen Nakashima and Greg Bensinger report—“Former Twitter employees charged with spying for Saudi Arabia”:

 The Justice Department has charged two former Twitter employees with … accessing the company’s information on dissidents … marking the first time federal prosecutors have publicly accused the kingdom of running agents. [One] is an associate of Saudi Crown Prince Mohammed bin Salman, who the CIA has concluded likely ordered the assassination of journalist Jamal Khashoggi.

It raises concerns about the ability of Silicon Valley to protect the private information of … users from repressive governments. … The charges also reflect the wealth of data that tech firms compile on their users, including email addresses, payment methods and Internet protocol addresses that can give up a user’s location.

Twitter restricts access to sensitive account information “to a limited group of trained and vetted employees,” said a spokesman. … “We have tools in place to protect [users who] hold those in power accountable.” … The Saudi Embassy did not respond to a request for comment.

And Devin Coldewey adds, “Saudi Arabia reportedly recruited Twitter employees to steal personal data of activists”:

 [The] users were warned of the attempt in 2015, but the full picture is only now emerging. According to … the federal complaint, Ahmad Abouammo and Ali Alzabarah were both approached by the Saudi government, which promised “a designer watch and tens of thousands of dollars” if they could retrieve personal information on certain users.

The attempt resulted in Twitter alerting thousands of users that they were the potential targets of a state-sponsored attack, but that there was no evidence their personal data had actually been exfiltrated. … The cases in question are still open, [so] more information will likely come to light soon.

Trigger warning: Xeni Jardin pulls no punches—“DOJ charges former Twitter staff”:

 Saudi Prince Mohammed Bin Salman [and] the Kingdom of Saudi Arabia … are believed to have murdered Washington Post journalist and U.S. resident Jamal Khashoggi by cutting off his head and dismembering him alive. … Twitter has some very serious security explaining to do.

Ouch. Charles Arthur has lighter background:

 People getting access to inner workings is a classic method of espionage; the other is blackmail, so maybe Twitter (and Facebook) could think about how they might discover that happening among their staff. The stakes are so high for nation states that a bit of light national destabilisation (or national boosting) goes with the territory.

But isn’t Saudi Arabia our ally? Ray Morris has a nuanced opinion:

 The US has a good relationship with one element of Saudi leadership: the house of Saud. That’s one part of [its] government.

The other part is the Wahhabi Muslim theocracy, which runs the schools and a bunch of other stuff. Those aren’t our friends. It’s more accurate to say, “the US has some powerful allies in Saudi Arabia,” than to say, “the US is allied with Saudi Arabia.”

It gets worse. Here’s İyad el-Baghdadi, President of the Kawaakibi Foundation:

 Since Jamal Khashoggi’s murder, my team’s work was mostly focused on Jamal’s vision, which was to reclaim the Arab public sphere. It just happens that the Arab public sphere was… Twitter.

The Twitter spying scandal started long before Jamal’s murder. The employees were found out and fired. … Twitter needs to let us know immediately what they did to ensure the spying stopped and if indeed it did stop or not, and how we can know.

Twitter also needs to immediately start treating Saudi Arabia not as a “market” but as a hostile country hell bent on hacking and manipulating its medium in any way, including arresting prominent tweeters, and torturing people to death for the crime of tweeting.

The fact that my team is undertaking high impact projects directly targeting the propaganda engine of the Saudi regime has costs. Death threats is one.

I’m living under police protection in Norway for good reason.

Something must be done. dramamoose suggests something:

 Spies gonna spy, and hackers gonna hack. US companies, however, should be legally obligated to establish programs and processes to prevent that. Nobody in Twitter outside of legal counsel and certain managers in infosec should have the ability to link an IP address or browser fingerprinting data with a username.

The plot thickens, according to fortythirteen:

 Prince Alwaleed Bin Talal Bin Abdulaziz Alsaud [is a large] Twitter … shareholder, and was one of the [320] people arrested by the royal family [two years ago].

Meanwhile, cse84 leaves us with a warning:

 All data that can be abused will be abused.

Not an excuse for Twitter and its employees, but a warning to all who think big companies will handle user data responsibly without being forced to do so.

And Finally:

It Ain’t Me


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: DonkeyHotey (cc:by)
