Jan 30, 2019

Report: Ex-NSA spies ran UAE's hacking operations

The 2015 National Day celebration in Dubai. Photo: Helen Boast/ Getty Images

In a blockbuster report, Reuters details a United Arab Emirates government program called Project Raven that used ex-NSA employees to hack espionage targets, including Americans. The report is split into two parts, one describing the overall organization and a second describing a powerful cyberweapon used by the group.

Why it matters: Project Raven targeted journalists, politicians and activists — some of whom were Americans, according to Reuters interviews with several former participants and a review of documents they provided.

Project Raven was a source of some useful intelligence according to the Reuters piece, and was successfully used to break up an ISIS network within the country.

But it also targeted U.S. journalists, a British journalist named Rori Donaghy who was critical of the United Arab Emirates, a well known organizer of the Yemen Arab Spring protests named Tawakkol Karman, an activist later convicted by the United Arab Emirates named Ahmed Mansoor, and several international politicians.

The program was run out of a UAE property nicknamed "the Villa."

Spies were recruited by a U.S. contractor named CyberPoint, which according to documents reviewed by Reuters received a license from the U.S. government in 2014 to provide "'protection of UAE sovereignty' through 'collection of information from communications systems inside and outside the UAE' and 'surveillance analysis.'"

  • It's unclear if CyberPoint obeyed any of the restrictions put on its activity, including briefing the NSA over hacking attempts or targeting U.S. systems.

In 2015, according to Reuters, the United Arab Emirates transferred the control over the program from CyberPoint to the domestic firm DarkMatter.

  • Targeting U.S. persons and the prospect of working for a United Arab Emirates company rather than a U.S. one caused many of the U.S. personnel to leave.
  • The FBI begain questioning U.S. citizens working for Project Raven when they would return to the United States.

CyberPoint did not immediately reply to our request for comment.

Go deeper