UAE: A U.S. spy report provides a reminder of Abu Dhabi’s cyber record

“The United Arab Emirates steered U.S. foreign policy in its favor through a series of legal and illegal exploits, according to an unprecedented U.S. intelligence document,” says John Hudson.

In what was described as the “strongest evidence yet that the United Arab Emirates is trying to meddle in U.S. politics”, John Hudson of the Washington Post revealed last weekend that U.S. intelligence officials have concluded the United Arab Emirates meddled in the American political system, including by hacking into computers in the United States.

“Three people who read a classified report and spoke on the condition of anonymity to discuss classified information said the activities attributed to the UAE in the report go well beyond mere influence peddling,” John Hudson states.

The activities covered in the report, described to The Washington Post by three people who have read it, include illegal and legal attempts to steer U.S. foreign policy in ways favorable to the “Arab autocracy”.

It reveals the UAE’s bid, spanning multiple U.S. administrations, to exploit the vulnerabilities in American governance, including its reliance on campaign contributions, susceptibility to powerful lobbying firms and lax enforcement of disclosure laws intended to guard against interference by foreign governments, these people said. Each spoke on the condition of anonymity to discuss classified information.

The document was compiled by the National Intelligence Council and briefed to top U.S. policymakers in recent weeks to guide their decision-making related to the Middle East and the UAE, which enjoys outsize influence in Washington.

The report is remarkable in that it focuses on the influence operations of a friendly nation rather than an adversarial power such as Russia, China or Iran. It is also uncommon for a U.S. intelligence product to closely examine interactions involving U.S. officials given its mandate to focus on foreign threats.

“One of the more brazen exploits involved the hiring of three former U.S. intelligence and military officials to help the UAE surveil dissidents, politicians, journalists and U.S. companies. In public legal filings, U.S. prosecutors said the men helped the UAE break into computers in the United States and other countries,” Hudson writes.

The report amounted to a “unique” intelligence examination of a “friendly power,” said Bruce Riedel, a senior fellow at the Brookings Institution who once served on the National Intelligence Council, which compiled the report and typically writes such reports about adversaries.

But it also serves as a reminder that the UAE has sought to become a force in cyberspace and has made questionable use of cyberweapons, including by siphoning ex-U.S. officials into surveillance work against the United States itself.

Ruth Ben-Ghiat, a history professor at New York University, comments on the report in a tweet, saying: “Maybe an authoritarian regime (UAE is considered a monarchic dictatorship) is not a reliable partner of a democracy after all!”

Three former officials accused of providing hacking help to the UAE — Marc Baier, Ryan Adams and Daniel Gericke — have admitted to the charges. They were part of a clandestine UAE program dubbed Project Raven, which Reuters’s Chris Bing and Joel Schectman first reported on in 2019.

Under Project Raven, former U.S. government hackers aided foreign intelligence services in the surveillance of journalists, human rights activists, rival governments and dissidents. That included the targeting of Americans.

And the pipeline continues. Just last month, my colleagues Craig Whitlock and Nate Jones reported that over the past seven years, nearly 300 military retirees have sought federal authorization to work for the UAE.

That includes cybersecurity advisers. While the CIA’s counterintelligence chief last year warned retired operatives not to sell their skills to foreign powers, U.S. troops with cyberwarfare experience haven’t encountered those kinds of restrictions.

The UAE has repeatedly been connected with the use of spyware known as Pegasus, a product of the NSO Group.

There’s evidence that the UAE was involved in the targeting of Hanan Elatr, the wife of murdered Washington Post journalist Jamal Khashoggi, my colleague Dana Priest reported last year.

While she was under interrogation in Dubai, someone got into her confiscated phone and connected it to a website configured by NSO for a UAE customer, according to a forensic analysis.

“NSO Group conducted a review which determined that Pegasus was not used to listen to, monitor, track, or collect information about Ms. Elatr,” NSO attorney Thomas Claire said. “The Post’s continued efforts to falsely connect NSO Group to the heinous murder of Mr. Khashoggi are baffling.”

A “Pegasus operator” linked to the UAE also was associated with the infection of the British prime minister’s office, according to a report in April from the University of Toronto’s Citizen Lab.

The UAE had denied some allegations about its cyber activities in the past, and other times declined to comment.

The UAE has cultivated cybersecurity research and development and hosted security conferences as part of its aspirations to become a hub for such technologies, Agnes Helou reported for Breaking Defense last week.

“We have to look at the UAE’s approach to cybertechnology as exceptional in the Arab world as the UAE early on understood the importance of resilience in the cyber domain, not just from a defensive point of view but potentially also an offensive point of view,” said Andreas Krieg, senior lecturer at King’s College London and CEO of MENA Analytica, a Middle East-focused strategic risk consultancy.

“While most Arab states have taken tactical or operational approaches to the cyber domain, the UAE has adopted a comprehensive whole-of-nation approach to boost its domestic cyber domain in one of the most connected economies in the world,” according to Krieg.

The UAE’s reported bid to influence the U.S. system puts it in the company of not just American adversaries like Russia but friendlier nations such as Israel or Taiwan, as Hudson mentioned in his story.

FBI officials worked on plans to brief FBI leadership on NSO Group tools and drew up guidelines for how federal prosecutors should disclose spyware use in criminal proceedings, the New York Times’s Mark Mazzetti and Ronen Bergman report.

According to a court filing, the FBI decided to “cease all efforts regarding the potential use of the NSO product” on July 22, 2021. Days earlier, on July 18, The Post and 16 media partners began publishing stories on how NSO clients used Pegasus spyware to target human rights activists, journalists and executives. The U.S. government blacklisted NSO last November.

The FBI has come under pressure from Sen. Ron Wyden (D-Ore.), who told the New York Times that “it is totally unacceptable for the FBI director to provide misleading testimony about the bureau’s acquisition of powerful hacking tools and then wait months to give the full story to Congress and the American people.”

Wyden said the FBI also “owes Americans a clear explanation as to whether the future operational use of NSO tools is still on the table.”

The FBI denied that Director Christopher A. Wray provided inaccurate information, with a spokeswoman telling the New York Times that “the director’s testimony was accurate when given and remains true today — there has been no operational use of the NSO product to support any FBI investigation.”