Which Firms are Conducting State-Sponsored Cyber Attacks Like Saudi Crown Prince's Hack of Jeff Bezos?

Although there has been some speculation, it has not yet been confirmed which malware companies were involved in the cyberattack that reportedly targeted the phone of Amazon's Jeff Bezos via the Saudi crown prince's personal phone back in May 2018. However, firms operating under the direction of state-sponsored cyber attacks have been on the rise, causing many to wonder who these entities are.

An investigation published last night by The Guardian revealed surprising information about Saudi Crown Prince Mohammad bin Salman personally infiltrating Jeff Bezos phone by sending him a malicious video through WhatsApp, resulting in large amounts of data being obtained from the American businessman's device.

After the shocking report was published, questions have been raised regarding the credibility of the investigation, its timing, in addition to the Saudi prince's motives, and the possibility of other world leaders and prominent personalities being victims of similar attacks.

Findings reached by the digital forensic analysis reference in The Guardian report have reignited the conversation about cyberattacks being part of the digital warfare phenomenon.

In fact, cyberwars are gradually proving to be an efficient tool in the hands of hostile powers, allowing them to target one another without having to launch traditional military operations.

Several state-sponsored hacking attacks successfully caused damage to government servers in different countries worldwide and were able to obtain sensitive information from devices used by officials and diplomats. Additionally, malware campaigns have aided governments to track political dissidents and journalists and to gain access to their private data, in efforts to blackmail them and force them to stop them from being critical. 

NSO

In October 2019, a Financial Times report provided information about cyberattacks that used spyware developed by the Israeli surveillance company NSO that was founded in 2010, targeting senior officials, diplomats, human rights activists and journalists in 45 different countries using the WhatsApp application.

According to the Times of Israel, NSO has developed a highly invasive tool called Pegasus, through which a target’s cell phone camera and microphone can be accessed without their knowledge, "effectively turning the phone into a pocket spy." The same firm has been implicated in the alleged MBS-Bezos hack.

The internet watchdog Citizen Lab released a statement back in September 2019, listing countries in which NSO tools have been used across the world. The list included GCC countries, Kazakhstan, Mexico, Morocco and France.

DarkMatter

The Abu Dhabi-based cybersecurity company has been frequently linked to hacking campaigns launched by the Emirati government. In a Reuters report published in January 2019, DarkMatter was allegedly involved in malware attacks organized in 2016 through a top-secret spying programme called 'Project Raven' and using the 'Karma' tool, which doesn't need users to click on certain links, taking advantage of a vulnerability in Apple’s iMessage text messaging software.

According to Reuters' investigation, Karma was used against hundreds of targets across the Middle East and Europe, including governments of Qatar, Yemen, Iran and Turkey.

Turla

Russian state-backed group reportedly led several digital attacks against 35 countries including European government servers, military institutions, embassies, and consulates. Turla, also known as Snake, Uroburos, Waterbug or Venomous Bear, has been an active spyware developer since 2008 and is believed to be sponsored by the Russian FSB security service.

Both the UK's National Cyber Security Centre (NCSC) and the US National Security Agency (NSA) have announced that military establishments, government departments, scientific organizations, and universities have been subject to cyberattacks launched by the Russian spyware group.