On January 30, Reuters released two investigative reports on hacking activities of the United Arab Emirates’ National Electronic Security Authority (NESA) targeting political leaders and activists, suspected terrorists, and the governments of Qatar, Turkey, and Iran. The report is the latest evidence of an ongoing cyberwar by the UAE and its ally Saudi Arabia against Qatar, and the UAE has been enlisting US and Israeli experts to help. Reuters’ sources also said that the project targeted American citizens for surveillance.
Citing documents reviewed by Reuters and eight individuals who claimed to have worked as US contractors supporting the operation (referred to as Project Raven), the report claims that Baltimore-based CyberPoint and the UAE-based firm DarkMatter—ostensibly hired to help NESA build a threat monitoring and defensive capability similar to the National Security Agency/Central Security Service National Threat Operations Center (NTOC)—also had a secret task of providing NESA with an offensive cyber capability. Some of the US citizens employed by CyberPoint and later by DarkMatter were former NSA analysts who worked at NTOC or, in some cases, NSA’s Tailored Access Operations unit.
If US contractors targeted American citizens for a foreign government by using electronic surveillance, that would be in violation of US law—and potentially fatal for companies such as CyberPoint, which has done work for the US government at the Patent and Trademark Office, DARPA, and other agencies. Ars attempted to reach CyberPoint executives for comment, but we received no response before publication. However, Ars was able to reach Daniel Wolfford, a former NSA analyst, former director of threat intelligence at DarkMatter, and now co-founder of a Dubai-based cybersecurity and cryptocurrency firm called Advanced Analysis. Wolfford strongly denied the accusation.