STRATEGIC ASSESSMENT. In the current era of geopolitics, where data is sometimes more valuable than currency, governments and corporations are targeting employees of social media companies for access to the private information of customers and users. In an example of how far Saudi Arabia is willing to go, the Kingdom cultivated ties with employees of Twitter and persuaded them to spy on various user accounts while feeding information to the country’s leadership.
Ali Alzbarah and Ahmad Abouammo were charged by the U.S. Department of Justice for acting as agents of a foreign power inside the United States, as they used their positions at Twitter to gather private user data. Abouammo targeted three accounts that posted information about Saudi internal government machinations. Alzabarah collected information on over 6,000 accounts, focusing on critics of the ruling family that was in the midst of a whirlwind public relations makeover to reposition the notoriously sclerotic and austere Saudi government as visionary and reform-minded.
Twitter and social media companies in general are a ripe target for espionage by both state and non-state actors. The perceived anonymity of Twitter gives users the illusion of safety when speaking out against governments or corporations. The private data and personally identifying information (PII) of these users could include real names, accurate phone numbers and email addresses, as well as location information.
This information can then be used to target these individuals for harassment, blackmail, extortion, threats, and even violence. Twitter is also a medium that the Saudi government uses to aggressively harass and intimidate anyone who dares to criticize the regime. In the lead-up to the murder of journalist Jamal Khasoggi, which the C.I.A. has assessed with medium to high confidence was personally ordered by Saudi Crown Prince Mohammedbin Salman, the Saudi online army relentlessly harassed Khashoggi online.
Twitter is widely used in Saudi Arabia and one of the few places where the country’s citizens gather to express their thoughts and views. It is even more valuable to exiles or dissidents who have left their homes and now use Twitter or other messaging and micro-blogging platforms to voice their opinions and communicate with like-minded individuals, groups, and sympathizers throughout the globe. It is not just Saudi Arabia that openly targets its social media critics; Turkey and Egypt are also notoriously sensitive to criticism and similarly aggressive in targeting dissenters both at home and abroad.
Social media companies are not hard targets. Their platforms and servers have been ‘hacked’ or penetrated by malevolent actors. Still, non-technical means of espionage, including recruiting ‘insider threats’ remain a trusted practice. With just a few hundred thousand dollars and a few fancy watches, Saudi Arabia was able to acquire invaluable information on a topic it considers one of its main priorities: the tweets of critics, both influential and otherwise.
It is often harder to detect on a technical level the espionage of a human source as opposed to a technical exploit, and the lag time between theft and discovery is usually longer with a human source. In the most recent case, Alzabarah stole his targeted user data back in 2015. In announcing the indictments, U.S. Attorney David Anderson stated that the United States ‘will not allow U.S. companies or U.S. technology to become tools of foreign repression in violation of U.S. law.’ Given the breadth and soft defenses that social media companies present, and the interest of governments and corporations to gain leverage over their critics, it is inevitable that more cases will be exposed, though likely still a fraction of what is being attempted (TSC).