US spies helped UAE to monitor BBC journalist and other media figures, investigation finds

A group of American hackers who once worked for US intelligence agencies helped the United Arab Emirates spy on a BBC journalist along with a host of other prominent media figures, it has been reported.

The American operatives worked for Project Raven, a secret Emirati program that spied on dissidents, militants and political opponents of the UAE monarchy, a Reuters investigation found.

They attempted to break into the iPhones of at least 10 journalists and media executives, the report states – including a Middle East-based BBC reporter and the chairman of Al Jazeera news station.

The apparent aim was a fishing exercise to find confidential information that could be used in the UAE’s ongoing dispute with their Gulf rival Qatar and to stifle dissent.

But the revelation has potential global reach in that it highlights how highly-trained former US intelligence officials have increasingly become guns-for-hire in the cyber wars of other nations – with little oversight from Washington.

At least nine spies working on Project Raven had previously been employees of the US military or National Security Agency.

The hackers started targeting journalists in 2017 in an apparent attempt to find evidence that the Qatar royal family was funding what the UAE’s authoritarian monarchy perceived as media coverage likely to ferment dissent towards their rule.

The UAE is run as a hereditary autocracy and political dissent is not tolerated.

Among those attacked were Giselle Khoury, the Beirut-based host of BBC Arabic’s The Scene, a current affairs show specialising in interviews with Middle Eastern leaders. Another was Hamad bin Thamer Al Thani, the chairman of Al Jazeera.

When informed of the hack, Ms Khoury said: “They need to spend their time on making better their country, their economy. Not on having Giselle Khoury as a hacking target.”

Mr bin Thamer Al Thani declined to comment.

Reuters say the attacks utilized a cyber weapon called Karma – a piece of software which allowed Raven operatives to remotely hack into iPhones by inputting a target’s phone number or associated email address. Unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, it is said.

The UAE Ministry of Foreign Affairs and its embassy in Washington did not respond to Reuters’ requests for comment. The US Department of Defense and the NSA also declined to comment.

But Dana Shell Smith, America's former US ambassador to Qatar, told the news agency she found it alarming that American intelligence veterans were able to work, as effective mercenaries, for another government.

“Folks with these skill sets should not be able to knowingly or unknowingly undermine US interests or contradict US values,” she said.