US security veterans helped UAE build secret surveillance unit that spied on activists, officials
A group of former National Security Agency operatives and other elite American intelligence veterans took part in creating the previously undisclosed programme from scratch, which was later used to spy on a Saudi women’s rights activist, diplomats at the United Nations and personnel at FIFA among others.
The UAE’s DREAD programme was initially created in 2008 to track terrorist elements and had the blessing of the US, but the unit has since fallen under the scrutiny of federal authorities for its activities.
“The incentive was to help in the fight against Al Qaeda. The UAE is a very good counterterrorism partner. You need to remember the timing back then, post 9-11,” former US counterterrorism czar Richard Clarke said. “The NSA wanted it to happen.”
Clarke himself travelled to the UAE to provide consultation services to the Gulf ally before securing the contracts to build the spy unit and help the UAE secure its infrastructure, including work to protect the Gulf state’s seaports, nuclear projects, airports, embassies and petrochemical facilities, according to two people with direct knowledge of the contracts.
Read also: Is this Google-sanctioned Emirati company poaching Israeli intelligence officers?
But by 2012, the programme had seen its operatives target Google, Hotmail and Yahoo email accounts, as well as American citizens, despite prohibitions against targeting US servers.
Panicking over 2011 region-wide Arab Sprint protests, the Emiratis had used their new-found powerful tool to dive into the lives of dissidents and others seen as a political threat, moving from counterterrorism to targeting “national security targets”.
The operations came to include the previously unreported hacks of a German human rights group, the United Nations’ offices in New York and FIFA executives.
Between 2012 and 2015, individual teams were tasked with hacking into entire rival governments, as the programme’s focus shifted from counterterrorism to espionage against geopolitical foes, documents show, Reuters reported.
The project, which had a budget of $34 million, had expanded from just a dozen American employees to more than 40, most of which were poached from the halls of the NSA or its contractor list.
The UAE has come under scrutiny in recent years for using the Pegasus spyware, which was created by the Israeli NSO Group.
Read more: Pegasus: The Israeli spyware that helped Saudi Arabia spy on Khashoggi
NSO is a technology firm based in Herzliya, Israel that, according to the company, provides governments with technology that "helps government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe”.
While its name may seem nondescript, the company has worked for a decade to build some of the world's most invasive - but near undetectable - mobile spyware.
NSO's co-founders Shalev Hulio and Omri Lavie are rumoured to be veterans of the Israeli army's Unit 8200, the country's elite military intelligence wing, according to Forbes.
They also created Kaymera, a mobile security outfit designed to tackle the exact problems presented by spyware developed by NSO and other malware creators.
The company's most infamous spyware, Pegasus, can be installed on a phone through a single text.
Once installed, the malware can access all communications on the mobile phone - from WhatsApp, Facebook and Telegram messages to Skype chats and Gmail conversations.
It can also be used to trace the owner's location and snoop on their surroundings using the phone's camera and microphone.
The UAE has allegedly used Pegasus software to hack phones belonging to Qatar Emir Tamim al-Thani and Lebanon Prime Minister Saad al-Hariri, among others.
Emails leaked last year revealed that the Emirati government had been trying to hack the phone of Qatar's Sheikh Tamim for at least four years, and had allegedly been successfully in infiltrating the communications of 159 Qatari royals and officials.
Another target was the former head of the Saudi National Guard, Prince Mutaib bin Abdullah, who at the time was considered a contender for the throne.
Prince Mutaib was removed from his post in 2017 and arrested as part of a purported anti-corruption probe led by the powerful crown prince targeting rivals.
According to Citizen Lab, mobile phones in at least 45 countries have been hacked by Pegasus software wielded by around 36 likely operators - six of whom, the research group says, are countries with a history of "abusing spyware to target civil society".
Mobile phone owners across the Middle East have been affected, with targets in almost every Arab country, with the exception of Sudan, Syria and Mauritania.
People in the US, UK, Turkey and Israel have also been targeted.
Follow us and to stay connected