Tag Archive for: Saudi
Saudi activist Loujain al-Hathloul files lawsuit claiming 3 former U.S. officials helped hack her iPhone before she was imprisoned, tortured
Loujain al-Hathloul, a prominent Saudi political activist who pushed to end a ban on women driving in her country, is suing three former U.S. intelligence and military officials she says helped hack her cellphone so a foreign government could spy on her before she was imprisoned and tortured.
The nonprofit Electronic Frontier Foundation announced Thursday that it had filed a lawsuit in U.S. federal court on al-Hathloul’s behalf against former U.S. officials Marc Baier, Ryan Adams and Daniel Gericke, as well as a cybersecurity company called DarkMatter that has contracted with the United Arab Emirates.
In the lawsuit, al-Hathloul alleges that the trio oversaw a project for DarkMatter that hacked into her iPhone to track her location and steal information as part of broader surveillance efforts targeting dissidents within the UAE and its close ally Saudi Arabia. She said the hacking of her phone led to her “arbitrary arrest by the UAE’s security services and rendition to Saudi Arabia, where she was detained, imprisoned, and tortured.”
Handout . / REUTERS
“Companies that peddle their surveillance software and services to oppressive governments must be held accountable for the resulting human rights abuses,” said EFF Civil Liberties Director David Greene.
DarkMatter assigned her the codename of “Purple Sword,” the lawsuit says, citing a 2019 investigation by Reuters that first detailed the hacking of al-Hathloul.
The lawsuit is the latest legal challenge to the secretive private cyber-surveillance industry, which often sells pricey hacking services to authoritarian governments that are used to secretly break into phones and other devices of activists, journalists, political opponents and others. Tech giant Apple filed a lawsuit last month against Israel’s NSO Group seeking to block the world’s most infamous hacker-for-hire company from breaking into Apple’s products, like the iPhone.
Baier, Adams and Gericke admitted in September to providing sophisticated computer hacking…
Saudi activist sues 3 former U.S. officials over hacking
RICHMOND, Va. (AP) — Loujain al-Hathloul, a prominent Saudi political activist who pushed to end a ban on women driving in her country, is suing three former U.S. intelligence and military officials she says helped hack her cellphone so a foreign government could spy on her before she was imprisoned and tortured.
The nonprofit Electronic Frontier Foundation announced Thursday that it had filed a lawsuit in U.S. federal court on al-Hathloul’s behalf against former U.S. officials Marc Baier, Ryan Adams and Daniel Gericke, as well as a cybersecurity company called DarkMatter that has contracted with the United Arab Emirates.
In the lawsuit, al-Hathloul alleges that the trio oversaw a project for DarkMatter that hacked into her iPhone to track her location and steal information as part of broader surveillance efforts targeted at dissidents within the UAE and its close ally Saudi Arabia. She said the hacking of her phone led to her “arbitrary arrest by the UAE’s security services and rendition to Saudi Arabia, where she was detained, imprisoned, and tortured.”
“Companies that peddle their surveillance software and services to oppressive governments must be held accountable for the resulting human rights abuses,” said EFF Civil Liberties Director David Greene.
DarkMatter assigned her the codename of “Purple Sword,” the lawsuit says, citing a 2019 investigation by Reuters that first detailed the hacking of al-Hathloul.
The lawsuit is the latest legal challenge to the secretive private cyber-surveillance industry, which often sells pricey hacking services to authoritarian governments that are used to secretly break into phones and other devices of activists, journalists, political opponents and others. Tech giant Apple filed a lawsuit last month against Israel’s NSO Group seeking to block the world’s most infamous hacker-for-hire company from breaking into Apple’s products, like the iPhone.
Baier, Adams and Gericke admitted in September to providing sophisticated computer hacking technology to the UAE and agreed to pay nearly $1.7 million to resolve criminal charges in a deferred prosecution agreement the Justice Department described as the first of its kind. The…
Hackers reportedly demand $50m from Saudi Aramco over data leak
The world’s most valuable oil producer Saudi Aramco has confirmed to the BBC that company data has leaked from one of its contractors.
The files are now reportedly being used in an attempt to extort $50m (£36.5m) from the company.
The global oil and gas industry has long been criticised for failing to invest in cyber security.
In May, the Colonial Pipeline in the US was hit by a ransomware cyber-attack.
In an emailed statement, Aramco told the BBC that it “recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors.”
The Saudi Arabian energy giant did not say which contractor was affected nor whether the contractor had been hacked or if the files was leaked in some other way.
“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture,” the firm said.
According the Associated Press (AP), one terabyte, or 1,000 gigabytes, of Aramco’s data was being held by extortionists, citing a page on the darknet – a part of the internet within an encrypted network which is accessible only through specialised anonymity-providing tools.
The AP report said the page offered to delete the data in exchange for $50m in cryptocurrency, although it is unclear who is behind the ransom plot.
Aramco did not immediately respond to a BBC request for clarification over the AP report that the company was the target of a $50m extortion attempt.
The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has failed to invest in cyber-security over the years, according to experts.
This is not the first time Aramco has been the target of a data-related attack. In 2012, the company’s computer network was hit by the so-called Shamoon virus.
The cyber-attack this year on the Colonial Pipeline in the US further highlighted the vulnerabilities of the energy industry’s computer systems.