The Raven story also provides new insight into the role former American cyberspies play in foreign hacking operations.
DARK MATTER SECRET
Within the U. While this activity raises ethical dilemmas, U. The rules, however, are clear on hacking U. The hacking of Americans was a tightly held secret even within Raven, with those operations led by Emiratis instead.
Stroud said she is cooperating with that investigation. No charges have been filed and it is possible none will emerge from the inquiry. An FBI spokeswoman declined to comment. Stroud is the only former Raven operative willing to be named in this story; eight others who described their experiences would do so only on condition of anonymity.
She spent a decade at the NSA, first as a military service member from to and later as a contractor in the agency for the giant technology consultant Booz Allen Hamilton from to Her specialty was hunting for vulnerabilities in the computer systems of foreign governments, such as China, and analyzing what data should be stolen.
In , her world changed. While stationed at NSA Hawaii, Stroud says, she made the fateful recommendation to bring a Dell technician already working in the building onto her team. That contractor was Edward Snowden. In the maelstrom that followed, Stroud said her Booz team was vilified for unwittingly enabling the largest security breach in agency history. In May , Stroud jumped at the opportunity and left Booz Allen. CyberPoint, a small cyber security contractor headquartered in Baltimore, was founded by an entrepreneur named Karl Gumtow in Its clients have included the U.
Department of Defense, and its UAE business has gained media attention.
Stroud had already made the switch from government employee to Booz Allen contractor, essentially performing the same NSA job at higher pay. Taking a job with CyberPoint would fulfill a lifelong dream of deploying to the Middle East and doing so at a lucrative salary. She understood her new job would involve a counterterrorism mission in cooperation with the Emiratis, a close U. Baier and other Raven managers assured her the project was approved by the NSA, she said.
- Domain-theoretic Foundations of Functional Programming?
- Te Deum, Op. 103: Nos. 4 and 5, Aeterna fac cum sanctis; Benedicamus Patrem;
- See a Problem?.
- Black Ops 4 Dark Ops Challenges - Blackout.
Baier did not respond to multiple phone calls, text messages, emails, and messages on social media. When Stroud was brought into the Villa for the first time, in May , Raven management gave her two separate briefings, back-to-back. Right after the briefing ended, she said she was told she had just received a cover story. The language and secrecy of the briefings closely mirrored her experience at the NSA, Stroud said, giving her a level of comfort.
The information scooped up by Raven was feeding a security apparatus that has drawn international criticism. The Emirates, a wealthy federation of seven Arab sheikhdoms with a population of 9 million, is an ally of neighbor Saudi Arabia and rival of Iran. Like those two regional powers, the UAE has been accused of suppressing free speech, detaining dissidents and other abuses by groups such as Human Rights Watch.
Their accounts were confirmed by hundreds of Raven program documents reviewed by Reuters. Under orders from the UAE government, former operatives said, Raven would monitor social media and target people who security forces felt had insulted the government.
I never made it personal. The Americans identified vulnerabilities in selected targets, developed or procured software to carry out the intrusions and assisted in monitoring them, former Raven employees said. But an Emirati operative would usually press the button on an attack. Stroud discovered that the program took aim not just at terrorists and foreign government agencies, but also dissidents and human rights activists.
The Emiratis categorized them as national security targets. Before , the former operatives said, the nascent UAE intelligence-gathering operation largely relied on Emirati agents breaking into the homes of targets while they were away and physically placing spyware on computers. But as the Americans built up Raven, the remote hacking of Donaghy offered the contractors a tantalizing win they could present to the client. Because of sensitivity over human rights violations and press freedom in the West, the operation against a journalist-activist was a gamble.
The surveillance against Donaghy, who was given the codename Gyro, continued under Stroud and remained a top priority for the Emirates for years, Stroud said. Donaghy eventually became aware that his email had been hacked.
- Diversity at Victoria’s Secret: does it really matter?;
- Mario Botta: Architectural Poetics (Universe Architecture Series).
- Activating the Passive Church: Diagnosis and Treatment.
In , after receiving another suspicious email, he contacted a security researcher at Citizen Lab, a Canadian human rights and digital privacy group, who discovered hackers had been attempting for years to breach his computer. Reached by phone in London, Donaghy, now a graduate student pursuing Arab studies, expressed surprise he was considered a top national security target for five years.
Donaghy confirmed he was targeted using the techniques described in the documents. Told the hackers were American mercenaries working for the UAE, Donaghy, a British citizen, expressed surprise and disgust. Prominent Emirati activist Ahmed Mansoor, given the code name Egret, was another target, former Raven operatives say. Citizen Lab published research in showing that Mansoor and Donaghy were targeted by hackers — with researchers speculating that the UAE government was the most likely culprit.
Concrete evidence of who was responsible, details on the use of American operatives, and first-hand accounts from the hacking team are reported here for the first time. He is now held in solitary confinement, his health declining, a person familiar with the matter said.
Are Dark Photons the Secret 'Fifth Force' Holding Our Universe Together? | Live Science
Neighbors are avoiding her out of fear security forces are watching. They are correct. By June Raven had tapped into her mobile device and given her the code name Purple Egret, program documents reviewed by Reuters show. To do so, Raven utilized a powerful new hacking tool called Karma, which allowed operatives to break into the iPhones of users around the world.
Karma allowed Raven to obtain emails, location, text messages and photographs from iPhones simply by uploading lists of numbers into a preconfigured system, five former project employees said. Karma was particularly potent because it did not require a target to click on any link to download malicious software. In and , it would be used against hundreds of targets across the Middle East and Europe, including governments of Qatar, Yemen, Iran and Turkey, documents show. Raven used Karma to hack an iPhone used by the Emir of Qatar, Sheikh Tamim bin Hamad al-Thani, as well as the phones of close associates and his brother.
The embassy of Qatar in Washington did not respond to requests for comment. Former Raven operatives believed they were on the right side of the law because, they said, supervisors told them the mission was blessed by the U. Raven employees were told to say they worked for the Information Technology and Interoperability Office, the program document said. Providing sensitive defense technologies or services to a foreign government generally requires special licenses from the U.
State and Commerce Departments. Project MUSE promotes the creation and dissemination of essential humanities and social science resources through collaboration with libraries, publishers, and scholars worldwide. Forged from a partnership between a university press and a library, Project MUSE is a trusted part of the academic and scholarly community it serves. Built on the Johns Hopkins University Campus.