With “Friends” Like The Saudis, Who Needs Enemies?

Or The Strange Case of Jeff Bezos’ IPhone and the Saudi Crown Prince

The evidence says that the Saudi Arabian Crown Prince, Mohammed bin Salman (aka MBS) engineered a way to hack Jeff Bezos’ cell phone.  Just why MBS would be interested in Jeff, Jeff’s phone, or Jeff’s life is an interesting question, with surprising answers.

It seems that MBS invited Jeff Bezos to a private party, and during the course of the evening, exchanged phone numbers so they could communicate using the encrypted WhatsApp service.  Then MBS sent him an encrypted video file that also contained spyware that executed in Jeff’s phone and allowed the Saudi’s unlimited access to the contents and connections of that phone.

Rather than republish the full story and timeline already told better elsewhere, I will summarize, and assume if you are interested, that you can click through on the provided links to the full story.

Jeff Bezos owns Amazon.com, but the important connection is his ownership of the Washington Post.  The Washington Post had been publishing articles critical of the Saudi government and Royal Family, written by the Saudi journalist Jamal Khashoggi.  This is the same Jamal Khashoggi who was assassinated on the orders of MBS at the Saudi Consulate in Istanbul Turkey.  And herein lies the connection.

A timeline of events based on the UN investigation into this hack can be found found here.  It is a sobering look into the dark side of international relations, and calls into question the economic and military alliance the US has with Saudi Arabia.

Let us remember that the majority of September 11 terrorists were from Saudi Arabia, as was most of the financing.  There is a great article on Wikipedia about the September 11 attacks.  One paragraph jumped out at me as I was researching this article:

“There are allegations of Saudi Arabian government involvement in the attacks. The primary evidence is the content of the 28 redacted pages of the 2002 Joint Inquiry into Intelligence Community Activities before and after the Terrorist Attacks of September 11, 2001, conducted by the Senate Select Committee on Intelligence and the House Permanent Select Committee on Intelligence. These 28 pages contain information regarding the material and financial assistance given to the hijackers and their affiliates leading up to the attacks by the Saudi Arabian government.”

Then there was the recent mass shooter incident on a US naval airbase involving a Saudi Arabian military pilot in the US for flight training.  His rampage killed 3 US sailors.  As I said in the title, with friends like these who needs enemies.

The reason that keeps the US “allied” with Saudi Arabia is largely because they politically oppose Iran (more Shiite vs Sunni insanity), and of course oil.  I think it is time to cut them loose.  I do not see them as better in any way than Iran  Of course, the US has a long and checkered history of of betting on the wrong political horse (Cuba, Iran, Vietnam, Iran again, Iraq, Afghanistan), and we are doing it again with Saudi Arabia.  I do not expect this situation to change soon.

If you or your company are working with the Saudi government, I think it is safe to assume they have hacked your gear.  Certainly any gear you took with you into the country, but Bezos was hacked in California over the Internet.

As a cybersecurity professional, I think it is safe to assume that your gear is hijacked by whatever government you may be working with or for, including, maybe especially, your own.  Every country, little and large, has some kind of cyber-force.  The technology exists, and everyone has access to the tools, many of which are free.  But you can expect to pay something for the tools the Saudi government used on Jeff Bezos.  We have come to a place where we should be looking for advanced persistent threats (APTs) and other state-sponsored cyber-attacks.  We should be expecting these attacks.  We should not be relying solely on our government to protect us and tell us if we have been affected, because they may want it that way.

And be careful who you connect with, what seems like a great connection may come with malicious intent.

More information:


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.