Jrgen Flchle - Fotolia
The two employees were named in the documents as US citizen Ahmad Abouammo and Saudi citizen Ali Alzabarah. Another Saudi citizen, Ahmed Almutairi, a marketing executive with alleged ties to the Saudi royal family – who control domestic politics in the hard-line conservative kingdom – has also been charged. This is the first time any Saudis have been directly charged with spying in the US.
The documents reveal how Abouammo, who worked in assisting high-profile Twitter users in the Middle East with content strategy and social media best practice, and Alzabarah, who was employed as a site reliability engineer in Twitter’s San Francisco office, were directed to gather information including email and IP addresses, birthdates and phone numbers, with Almutairi acting as a go-between.
The court claimed the operation was directed by an unnamed official referred to as Royal Family Member-1, alleged to be crown prince Mohammad Bin Salman. Bin Salman is credibly linked to the murder of Saudi dissident author and journalist Jamal Khashoggi, who was killed in October 2018 inside the kingdom’s consulate in Istanbul by Saudi agents, who had allegedly hacked Khashoggi’s smartphone using Israeli-made spyware.
During the operation, Alzabarah accessed details of around 6,000 Twitter accounts, possibly using grandfathered access he may have had through an internal tool called Profile Viewer.
High-profile individuals targeted included a prominent critic of the Saudi royal family, who had amassed over a million followers, and a second individual who ran a spoof Twitter account impersonating a member of the Saudi royal family. Other targets are known to be Saudi dissidents in exile or who had sought and received asylum in countries including Canada and Turkey.
In at least 30 instances, the target accounts were those about which Saudi law enforcement had already requested information directly from Twitter.
The documents also detail payments made to Abouammo by the Saudis, including tens of thousands of dollars and luxury watches.
Abouammo has been remanded in custody in the US, while the other two named parties are understood to have returned to Saudi Arabia.
Speaking to the Washington Post on condition of anonymity, a Twitter spokesperson said access to user data was strictly limited to a small group of trained and vetted staffers.
“We understand the incredible risks faced by many who use Twitter to share their perspectives with the world and to hold those in power accountable. We have tools in place to protect their privacy and their ability to do their vital work,” they said.
Summer Lopez, senior director of free expression programmes at Pen America, a New York-based organisation of writers and journalists dedicated to preserving freedom of speech and expression, commented: “Such intrigue is no surprise from the Saudis, whose desire to silence critics beyond their borders has been made all too clear.
“It’s frightening to contemplate that the platforms that play host to such vast amounts of personal information and opinion can be infiltrated by governments hell-bent on outing and menacing their critics. This sobering wake-up call must prompt consideration of new ways to ensure trust and privacy in our public discourse are not corroded from within the very platforms that host it.”
Read more about insider threats
- Simple measures could have saved consumer security product supplier Trend Micro from an insider breach.
- When it comes to insider threat awareness and prevention, enterprises would be wise to marry a people-centric approach with a technology-centric approach.
- Whether via the spread of malware, spyware or viruses, insiders can do as much damage as outside attackers. Here's how to prevent computer security threats from insiders.