UAE Hack and Leak Operations

Interesting paper on recent hack-and-leak operations attributed to the UAE:

Abstract: Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly attributed to the United Arab Emirates (UAE), Qatar, and Saudi Arabia, should be seen as the “simulation of scandal” ­—deliberate attempts to direct moral judgement against their target. Although “hacking” tools enable easy access to secret information, they are a double-edged sword, as their discovery means the scandal becomes about the hack itself, not about the hacked information. There are wider consequences for cyber competition in situations of constraint where both sides are strategic partners, as in the case of the United States and its allies in the Persian Gulf.

Posted on August 13, 2020 at 9:28 AM13 Comments


Anne Nonymous August 13, 2020 11:34 AM

Although “hacking” tools enable easy access to secret information, they are a double-edged sword, as their discovery means the scandal becomes about the hack itself, not about the hacked information.

I don’t mean this as political commentary, but that’s certainly not how it worked for the Clinton campaign in 2016, so I’m somewhat skeptical of this assertion.

Tatütata August 13, 2020 11:51 AM

@Anne Nonymous


I wanted to make exactly the same point, but you beat me to it while I was pondering the wording.

Bruce Schneier August 13, 2020 1:21 PM

@Anne Nonymous:

It seems that the story bifurcates: the story about the hack, and the story about whatever information was leaked. The relative weight of the two stories varies wildly. The 2016 DNC hack is one example. Another is Snowden and the NSA documents. A third is the Panama Papers.

Anne Nonymous August 13, 2020 2:12 PM

Agreed that bifurcation with variable relative weighting seems like a much more supportable claim.

Clive Robinson August 13, 2020 2:18 PM

@ ALL,

Can we take the “it’s them wot dunnit” out of this?

Or to put it another way for hundreds of years disinformation campaigns for political advantage have been run not just as Nation against Nation, but town against town, street against street and house against house. Whilst religion and politics have been the top two causes there have been many others, including sport.

Can we step back from the finger pointing and name calling, it’s not just immature, it’s showing weakness bordering on impotence and worse we should all know it’s a case of “the pot calling the kettle black” and faux moral outrage due to somebody else doining it better than you can…

9/11 represented a very very public display of the issues of dependency on technology. A small group of people with little or no technical skills took high technology developed in the US and turned it into weapons of mass destruction against the US people.

It caused much shock around the world but why? The idea of pilots flying aircraft into targets like guided missiles was far from new, more than fifty years before Japanese pilots did it to allied ships. But the idea went back further during WWI when there was discussion of how to stop such tactics.

The US is perhaps the country most reliant on technology in fact mainly needlessly so. The US for some reason want’s technology as a kind of status symbol rapidly replacing anything that has reliably survived the test of time with the glitz and glamour of the new and untested. Thus it not just uses but is in many ways badly dependent on high risk technology that can be all to easily turned against it.

Perhaps people should be asking why they are vulnerable? and why those in charge do very little than make the situation worse?

There has been much discussion on this blog in the past about how vulnerable technology is. Likewise how little is spent on improving it rather than the vast sums spent on weaponising it.

Rather than endlessly moan impotently about something those who have both money and power and by their actions don’t wish to change, and actually discuss how you are going to bring about the changes required. Otherwise history is just going to repeat it’s self over and over and over, unless you think things are actually going to get worse and wartime measures etc will be put in place.

After all it was US President Obama that equated cyber attacks to first strike acts of war thus claiming a kinetic response was proportionate. As has been observed in US history “Those who live by the gun, oft die by the gun”. You can not live with one hand on the Bible and the other hand on the gun” history has shown us it just does not work.

echo August 13, 2020 4:38 PM

This was a semi interesting paper and I found the paper more interesting for what was implied or not said than the main content itself. The paper would map crudely to organisational schisms and office gossip and macho managment interference. What interested me was the issue of how policy formation structures can insulate from the tail wagging the dog; how proper understanding of gender in politics is a national security issue; and the continuing relative opaqueness of the subjects. There’s also some nitty gritty about search engines and social media and the courts which is eye catching. There is no mention of rating (as opposed to ranking) while there is “gaming the system” by exploiting high status people on social media and governance backdoors like PR and the absense of a more uncodified “heuristic reasoning” supplanting properly reasoned court judgments. A good empahasis was placed on the “moral purity” angle but very little on the emotional and psychological development side. There is also no mention of development governance and social imbalances and how they factor in conflict whether internal or at a state level and everywhere in between. So there is rather a lot in this paper if anyone wants to drill down.

I’m pretty sure I missed something but I’m distracted by my own opinions on the topics and feeling lazy.

lurker August 13, 2020 5:44 PM

@Bruce: Snowden had legitimate access to much of what he disclosed. Does his misuse of that access make it a “hack”?

Weather August 13, 2020 7:28 PM

The Intel data dump would be, Intel would have very hardened external security, unless it was insider or what it entails.
The DMC isn’t a hack, the probably left the password on the web site.
What you call script kiddie to hacker, shows your angour point.

echo August 13, 2020 8:09 PM

It depends how you define “hack”. The paper was fairly clear in its use. Again, too many people are obsessing over hardware and software, and whether person ABC had permission bit XYZ flipped in their work contract. See also: “bikeshedding”.

There is really quitea lot of content in this paper whether the authors intended it or not and I know I have left things off my list. I wrote an entire paragraph just listening things with only a trace of comment which shows how much is in there. With content this dense (and the paper was dense with a few handwaves and rabbit warrens thrown in) peoples brains tend to go “klunk”. I’m still trying to work out what I want to say about this ball of knotted string. Really it’s not what to say but how. That’s the hardest part.

The paper is pretty suspect in a number of public policy ways too. “Texas National Security Review”? Oh, what a surprise.

The Texas National Security Review is a new kind of journal committed to excellence, scholarly rigor, and big ideas.

Launched in 2017 by War on the Rocks and the University of Texas, we aim for articles published in this journal to end up on university syllabi and the desks of decision-makers, and to be cited as the foundational research and analysis on world affairs.


myliit August 14, 2020 5:22 PM

“[1] Editor’s Note: This is a companion article to an essay [ OP ] published in the Texas National Security Review, our sister publication.

On Nov. 27, 2019, Jeremy Corbyn, then-leader of the U.K. Labour Party, held up some official-looking papers, heavily redacted with thick black lines, at a campaign press conference in the run-up to a crucial second election in three years after the United Kingdom’s vote to leave the European Union in June 2016. These documents purported to show the details of discussions between the U.K. and U.S. governments on a post-Brexit trade deal, including demands by U.S. representatives to open access to the United Kingdom’s National Health Service for American companies — an inflammatory issue for many voters.

Corbyn’s opponent, Conservative Prime Minister Boris Johnson, went on to win the election by a landslide, and Corbyn resigned shortly afterwards. But discussion of the documents and their provenances has outlasted Corbyn’s leadership. Shortly after Corbyn’s attempted exposé, cyber security company Graphika argued that the same documents had originally been posted on Reddit in a manner remarkably like a suspected Russian disinformation operation identified by the Atlantic Council’s Digital Forensics Research Lab earlier in 2019. In August 2020, Reuters reported that “suspected Russian hackers” had obtained the documents from the compromised email account of former U.K. Secretary for Trade and Defence Liam Fox.

This is one example of a hack-and-leak operation where malicious actors use cyber tools to gain access to sensitive or secret material and then release it in the public domain. Hack-and-leak operations pose difficult questions for scholars and policymakers on how best to conceptualize and respond to this new frontier in digital foreign interference. Scholars need to take hack-and-leak operations seriously as a challenge to theoretical understandings of the boundary between legitimate and impermissible political practice. But hack-and-leak operations are also an urgent policy challenge for both offensive and defensive cyber security policies as U.S. government agencies receive greater latitude to conduct such operations around the world. …”

[1] Title here because all caps: “HACK-AND-LEAK OPERATIONS AND U.S. CYBER POLICY”

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.