Mercenary hackers open a can of worms for US cybersecurity


Mercenary hackers open a can of worms for US cybersecurity

Three men have admitted sharing critical US defence technology and secrets with the UAE government

Bobby Ghosh

In 2012, an Iranian computer virus named Shamoon wiped data from tens of thousands of computers at two of the Middle East’s most important energy companies, Saudi Aramco and Qatar’s Ras Gas. Shamoon was no Stuxnet: unlike the Israeli digital weapon that destroyed nuclear centrifuges in the Islamic republic, the virus that attacked the energy companies did little damage to their operations.

But the demonstration of their vulnerability panicked policymakers in the Gulf Arab states. Saudi Arabia, Qatar, the United Arab Emirates, Kuwait and Oman all turned to the US for expertise to protect their vital national resources against cyberattacks. With the blessings of the Barack Obama administration, American defence contractors specialising in cybersecurity were happy to help.

To meet the surging demand for their services, these firms recruited cyber operatives and analysts from US intelligence agencies, offering what one former Federal Bureau of Investigations (FBI) agent described as “buy-yourself-a-Ferrari” salaries. For some, their job description evolved from playing defence against hackers to going on the offence, heading attackers off at the pass. Others were assigned to counterterrorism operations, doing for their new clients what they had previously done for their country, and often using the same tools...

This article is free to read if you register or sign in.

Sunday Times Daily

If you have already registered or subscribed, please sign in to continue.

Questions or problems?
Email or call 0860 52 52 00.

Next Article

‘Return our bronzes and we’ll make you better ones’

By Tife Owolabi and Estelle Shirbon
2 min read

Previous Article