Bin Salman’s “Cyberweapon”: Not Only Against Saudis

Saudi Arabia has pushed to sharpen the double-edged tools of cyber-espionage, despite global concerns that the Kingdom was deploying spyware techniques to spy on individuals at home and abroad.

  • The Saudis began constructing their cyber garrison nearly a decade ago
    Saudi officials began constructing their cyber garrison nearly a decade ago

Cyberweapon: Saudi Arabia’s Old Tradition 

Saudi officials have embarked on constructing their cyber garrison nearly a decade ago. Saudi intelligence services have long kept a tight eye on their citizens' communications and other political activities; nevertheless, digital media has opened up new avenues for Saudi repression. According to corporate data released by WikiLeaks, Saudi intelligence sought tools from Italian firm “Hacking Team” in 2013 that could penetrate iPhones and iPads, and in 2015 it sought comparable access to Android phones.

Smitten on Spyware

Citing Human Rights Watch, independent security researchers, in a June 24, 2014 report, identified surveillance software made by “Hacking Team” that appears intended to target individuals in Qatif, in eastern Saudi Arabia. Qatif has been a city of ongoing protests against various governmental policies since 2011 and an area infamous for government repression of peaceful dissent.

Security researchers at Citizen Lab in Toronto have discovered a malicious, altered version of the Qatif Today (al-Qatif al-Youm) Android app, which provides mobile access to Arabic-language news and information about the town of Qatif in the Eastern Province. If this modified application is installed on a phone, it infects it with spyware created by Hacking, according to the same report.

Furthermore, the malware allows the government to view emails, text messages, files from apps like Facebook, Viber, Skype, or WhatsApp, contacts, and call history on the phone. It also allows authorities in charge of the spyware to turn on a phone's camera or microphone without the owner even noticing, allowing them to take images or record conversations.

Sharpening Double-edged Tools 

For many years, Amnesty International, Human Rights Watch, and other human rights groups have reported Saudi Arabia’s spyware activities. 

However, Saudi Arabia has turned a blind eye to such statements by Human Rights and Digital Privacy Rights Organizations, maintaining the unremitted use of spyware to monitor dissidents and political opponents.

Despite international condemnation of the Kingdom's abuse of surveillance software, Saudi Arabia took it too far, resorting to one of the most potent piece of spyware ever created and the source of current hacking glitches which involves privacy infringement, according to a recent investigation into a massive data leak.

Made in “Israel”, Sold to Saudi Arabia

To no one's surprise, the mastermind behind this hacking software is no other than the Israeli firm NSO Group which has been in the spotlight for months, with dissidents, journalists, and other figures saying that their repressive governments have utilized the company's technology to spy on them.

For a country with an extensive record of seeking to spy on its own citizens, Saudi Arabia found its haven in Israeli technology companies.

NSO sold Pegasus to Saudi Arabia in 2017. Citing Israeli news reports and other sources, the Israeli Group sold Saudi Arabia the spyware for $55 million. 


A report in the Washington Post about the sale of the Pegasus system to Riyadh comes after Omar Abdulaziz, a sharp online critic of the Saudi royals who lives in exile in Canada, filed suit against NSO, claiming that communications between him and murdered writer Jamal Khashoggi were monitored by the Saudis using NSO software.

Forbidden Stories, a Paris-based journalism organization, and Amnesty International gained access to a list of phone numbers concentrated in countries known to spy on their residents and known to have been clients of NSO Group. The material was shared by the two NGOs with The Washington Post and 15 other news organizations around the world.

“The reporters of the Pegasus Project found that NSO’s Pegasus spyware was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives, and the two women closest to murdered Saudi journalist Jamal Khashoggi”, according to the same report.

Who is Jamal Khashoggi?

  • Saudi Arabia behind NSO spyware attack on Jamal Khashoggi’s family: Report
    Saudi Arabia behind NSO spyware attack on Jamal Khashoggi’s family (Report)

Jamal Khashoggi, a US-based writer and vocal opponent of Saudi Arabia's government, entered the Saudi Consulate in Istanbul on October 2, 2018, where he was murdered. In the following months, different accounts of how he died, what happened to his body, and who was to blame emerged.

In 2017, NSO sold Pegasus to Saudi Arabia. The spyware was employed as part of a merciless drive to quell internal dissent and track down Saudi dissidents overseas, according to a report by The New York Times

Citing the same report, it is not publicly known whether Saudi Arabia used Pegasus or other Israeli-made spyware in the plot to kill Khashoggi. 

However, based on a complaint filed by a friend of Khashoggi, the former's phone was hacked by Saudi Arabia using Pegasus, granting Saudi officials access to his talks with Khashoggi, including communications regarding opposition projects.

According to the same report, Saudi Arabia has continued to use NSO software to spy on perceived opponents abroad.

Not Only Against Saudis

Powerful spyware is essentially unregulated on a worldwide scale. National limitations or export regulations are insufficient to prevent sales to governments that may use them to spy on Saudis and non-Saudis.


The French Daily Le Monde revealed, Monday, that Saudi Crown Prince Mohammed bin Salman sought spying on several Lebanese journalists and politicians, through Israeli NSO's spyware Pegasus.

Le Monde added in an investigation that several Lebanese political and media figures have been targets of a spying attack by Saudi Arabia and the UAE between 2018-2019.

Some of the figures are former Prime Minister Saad Hariri, President of the Free Patriotic Movement Gebran Bassil, and General Director of the Lebanese General Directorate of General Security Abbas Ibrahim.

The Newspaper highlighted that bin Salman also asked Pegasus to spy "on Hezbollah MPs Hassan Fadlallah and Ali Fayyad, in addition to the Head of Hezbollah's Liaison and Coordination Unit Wafiq Safa."

Le Monde also indicated that "Saudi Arabia and the UAE requested spying on two prominent journalists: Al Mayadeen Network CEO Ghassan Ben Jeddou and Editor-in-Chief of Al-Akhbar Newspaper Ibrahim  Al Amine."

In a nutshell, powerful spyware is essentially unregulated on a worldwide scale. National limitations or export regulations are insufficient to prevent sales to Saudi regime. It is not hard to tell what Riyadh eyes, specifically, but its decision to violate all terms is evident.