Apple, Shaggy, and Hacks in the Gulf
By Brian Dooley
This blog is cross-posted from the Huffington Post.
Apple iPhone’s major security scare last week drew attention not only to the importance of not clicking on suspicious links but also on the repression in Washington’s ally the United Arab Emirates.
The target of the attempted spying was prominent human rights defender Ahmed Mansoor, forbidden form leaving his country by the government because of his work in exposing the country’s shocking rights record. His quick thinking in not clicking on the sms links sent to his iPhone on August 10 and 11 (which promised “new secrets” about prisoners tortured in the UAE jails) revealed a frightening attempt to embed spyware on his phone and forced Apple to issue anurgent security update.
Instead of clicking, Mansoor forwarded the links to Citizen Lab, an impressive team of researchers based at the University of Toronto, who exposed the technology behind the attack. That people would want to hack into Mansoor’s phone is not surprising. He’s a leading human rights activist in an authoritarian regime and last year’s winner of the prestigious Martin Ennals Human Rights Defender Award. He has also been previously targeted by spyware.
It was a close call for Mansoor and a sharp reminder of how easy it could be for any phone – including your phone – to be penetrated. “You have to be constantly vigilant to make sure the hackers don’t sneak through. It’s very easy to just click on something without thinking – always be wary, always be sceptical of links from unknown sources,” Mansoor told me.
Global media coverage of the attack on Mansoor provided rare reminders of the UAE’s suffocation of human rights and came the same week as a less publicized hacking scandal involving another of Washington’s repressive allies.
In neighboring Bahrain an abusive sectarian outburst appeared from the instagram account of Deputy Chief of Public Security Sheikh Khalifa bin Ahmed Al Khalifa. The 200-word detailed tirade included a variety of abuse against the Shia sect, including allegations of incest. Sheikh Al Khalifa’s response once the abuse became shared more publicly was to insist it wasn’t him.
It was a claim supported by the dictatorship’s security services. The Bahrain News Agency reassured the country August 24 that “The Director-General of Anti-corruption and Economic & Electronic Security has announced that the personal Instagram account of the Deputy Chief of Public Security was recovered within hours of its being hacked. He denied that the Deputy Chief had written the posts about any sect …”.
It reminded me of an incident last year involving the twitter account of Dr. Ebrahim Al Dossary (@dredossary). According to locals, and to the Amlak International Investment Company website, Dr Al Dossary is Chairman of the investment company in Bahrain and, says its website, he “also plays a key role at the Office of the Prime Minister HRH the Prince Sheikh Khalifa bin Salman Al Khalifa,” a role where he is “a much respected figure for his forthright and uncompromising stance”. Last August a tweet from his account suggested that Human Rights First “is run by one person mo’gor Brian, is a homosexual ….”
When I asked Dr Al Dossary to publicly renounce the homophobia emanating from his account he claimed “It was not me who send it …One of my team….” although the following day the account tweeted at me again: “U old mentaly and sexually sick gay…Stay away from my country and my people.”
This sophisticated form of defense used by both Dr AlDossary and Shiekh Al Khalifa was first perfected in 2000 by the singer Shaggy, but the flat denials of “it wasn’t me” look pretty unconvincing. Perhaps Citizen Lab should investigate.