EXCLUSIVE: Details of Qatar’s cyber espionage campaign in the United States

Qatar hacked more than 1,200 Americans--including friends of President Donald Trump--European counterterrorism officials, Arab leaders, international football stars and Bollywood actresses, according to legal documents, technical reports and former CIA operatives.

This is believed to be the biggest hack ever uncovered. It stretches across four continents – North America, Europe, Africa and Asia – and spread across four years, beginning in 2014. It invaded the private lives of more than 1,000 of Qatar's perceived enemies.

A legal case filed by Republican businessman and fundraiser Elliott Broidy against the State of Qatar and several individuals, for conspiring in a cyberattack against him and numerous others, had revealed what was seen as crucial evidence of the hack. Details of this can be found here.

This evidence that would be useful for the ongoing US federal investigation in the Qatari cyberattack against US citizens and allies, a CIA source told Al Arabiya English on condition of anonymity.

A complaint filed by former US ambassador and lawyer Lee Wolosky of Boies Schiller Flexner LLP, who had served in significant national security positions under the last three US presidents, stated that Broidy had served on the Homeland Security Advisory Council from 2006 to 2009, specifically on the Future of Terrorism Task Force.

The findings of a report issued by the task force highlighted the main factors that would define the future of terrorism: The leaderships of the terrorist groups, US counterterrorism efforts, political reform in Islamic countries, and the remaining safe havens in the region.

The Wolosky complaint referenced this report to state that it was directed at countries that were providing shelter and safety for the terrorist organizations, including the State of Qatar.

“The evidence uncovered in this case ties Qatar to a cyber espionage campaign targeting the e-mail accounts of US citizens and thousands of other political opponents around the world.

“Ongoing litigation in the United States sought to hold Qatar and its agents in the US accountable. As we have alleged in our court filings, Qatar and its agents tried to silence Elliott Broidy, targeting him because of his outspoken advocacy against Qatar’s support for terrorism, its alliance with Iran, and its support of extremist groups across the Middle East,” Wolosky told Al Arabiya English.

‘Clear and convincing evidence’

According to decoded records that were presented to the Central District Court of California, in addition to Broidy, the Qatar-backed hackers had targeted at least 1,200 figures inside and outside the United States. Forensic cyber experts who were hired by the plaintiff’s legal team discovered the identity of the other hacked figures.

“When it comes to the US national security, the source is more important than the evidence itself,” the CIA official told Al Arabiya English.

“When the source had Wolosky’s bipartisan reputation and experience, who served under Barack Obama, George W. Bush, and Bill Clinton, there would be no valid reason to question the legitimacy and accuracy of his findings,” he added.

Wolosky, meanwhile, has no doubts that Doha was behind the attack. “The scope and ambition of this operation is far beyond the capabilities of private individuals. It is the sort of thing governments do.”

Congressional Advisor on Middle East Policy Aaron Keyak told Al Arabiya English that he believes President Trump, National Security Advisor John Bolton, and the Department of State should send a strong message to Doha to halt the espionage activities.

“The cyberattack showed another level of how ruthless Qatar was willing to play with the international community. It’s one thing to hire lobbyists to push an agenda or make a convincing argument. But it’s another thing entirely to engage in cyber espionage on US citizens,” Keyak added.

In addition to the State of Qatar, the lawsuit included individual defendants, according to court documents.

Mohammed Bin Khalifa Al Thani, the younger brother of the Emir of Qatar who was the architect and leader of the efforts to influence US politicians and public opinion. His tasks included, among other things, discerning those who had spoken out against Qatar and bribe individuals who are close to the President of The United States.

Ahmad al-Rumaihi, a former Qatari diplomat who was/still investing in entities that he and Al Thani thought could help to bolster Qatar’s image in the US. Both have access to billions of dollars in capital from the Qatar Investment Authority to be used for this purpose.

Stonington Strategies LLC, a public relations and lobbying firm.

Nicholas D. Muzin, Stonington Chief Executive Officer and a political lobbyist.

Global Risk Advisors LLC (GRA), which coordinated and implement the cyber-attacks and recruited “cyber mercenaries” in various countries.

Kevin Chalker, former CIA and cyber-operative who is the GRA founder and its Chief Executive Officer.

David Marl Powell, a UK citizen who is the GRA Managing Director and its principal agent in Qatar.

The lawsuit affirmed that the purpose of the conspiracy targeting Broidy was to use illegal means to diminish his influence within the US to discredit him in the press and in the eyes of the government officials. Broidy forcefully and effectively had spoken against Doha’s support for terrorism and stood in the way of relieving commercial pressures due to the economic embargo on Qatar.

Keyak was angered by Qatari Emir Tamim bin Hamad Al Thani’s speech at the opening session of the UN General Assembly this week, in which he said that Qatar had been a victim of digital piracy and digital espionage.

“At the General Assembly, the Emir had the audacity to talk about hosting a conference on cybersecurity. It is like Harvey Weinstein hosting a conference on women's rights,” Keyak said.

As bait to lure their targets, the hackers used the following email accounts, which Al Arabiya English will reveal as part of our investigation:

• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]

The case was dismissed by a federal judge in California last month on the grounds of sovereign immunity. However, Broidy and Wolosky confirmed that it is not over yet.

“We will continue to pursue the perpetrators of this attack in courts in the United States,” Wolosky concluded.