One of the largest computer hacks ever perpetrated by a foreign government against U.S. citizens was detected recently—and the Trump administration is all but powerless to retaliate or deter future attacks.
Borrowing a leaf from the #MeToo playbook, the computer attacks exposed made public certain private misdeeds with the aim of demeaning or destroying their high-profile targets. In this case, the victim’s emails were scanned for sexual, financial or other misdeeds and distributed to major media outlets.
Friends and associates of President Trump—as well as some of his political opponents—were caught up in a massive hack by Qatar, according to Bloomberg and Arabic-language news reports. Their private emails were read, collated and distributed to news media to silence them.
More than 1,300 prominent Americans and others—businessmen close to Trump, GOP donors, Democratic Party activists, CIA officials, Middle East royals, and celebrities—were the targets of a “spear-phishing” attack. Victims received what looked like a genuine news story from a name in their address book or a security link from their Gmail account; when they innocently opened the link or entered their login credentials, electronic tentacles reached into every area of their digital lives. Soon, their private emails began appearing in the in-boxes of the Associated Press (which claims, on its website, to reach 2 billion people per day) and other news outlets with large, influential audiences. Soon, reporters were calling the victims to interrogate them about their own emails. Few of the news stories were kind.
The victims only had one thing in common: they are critics of Qatar. This was an effort to silence Qatar’s perceived enemies and prevent them for exercising their free-speech rights on U.S. soil.
The victims included journalists and former American and European defense officials who were opposed to Qatar’s funding of al Qaeda affiliates in Syria’s civil war. They also included Rabbi Schmuley Boteach (you may remember from the “Millionaire Matchmaker”) who was a loud critic of Qatar’s effort to win the support of American Jewish leaders by offering to pressure Hamas, which is officially designated as a terrorist group by the State department, to release the corpses of Israeli soldiers. (Qatar has publicly admitted to donating tens of millions of dollars to Hamas.)
The hacking revelations were made public as a result of a lawsuit filed by former Republican National Committee finance chairman Elliott Broidy, who was hacked by Qatar and the target of a smear campaign by its agents in the U.S. Media. “Broidy was targeted by Qatar because he correctly recognized that it posed a threat to U.S. national security. I believe that his advocacy advanced America’s national security interests,” a former CIA operative revealed. “And that’s why they targeted him.”
He added, “Qatar is a rogue nation. The al-Thani Family [which rules Qatar] operates like an organized crime family. It seeks to bribe, bully, or eliminate anyone that it thinks is opposed to its interests.”
Qatar’s role is not in much doubt. “For the most part, the hackers used virtual private networks to mask their IP addresses. In a couple instances, however, they did not — and the addresses linked back to the internet service provider, Ooredoo, which is majority-owned by Qatari government agencies,” writes Bloomberg’s Eli Lake. Technical analysis, by a team employed by Broidy, also links Qatar to the hacks. (Of course, Qatar denies it had any role in the attacks.)
Qatar is simply the latest foreign government to use information warfare against America and her political and cultural institutions. North Korea hacked Sony Pictures. Russia hacked the Democratic National Committee and other political figures, as independent counsel Robert Mueller has been revealing in court documents. China hacked Sen. Dianne Feinstein and placed a spy in her California Senate office. The U.S. Congress was recently warned about foreign attempts to hack congressional servers.
America’s digital innocence is coming to an end. We are now living in an age when foreign governments can use our emails—and the intimate, sometimes rash words that they contain—against us. This is the “politics of personal destruction” that President Bill Clinton warned about.
It is time to develop legal mechanisms to fight foreign hackers. Updating the 1976 Foreign Sovereign Immunity Act is a good place to start. Broidy recently had his case against Qatar-backed hackers dismissed in federal court on the grounds that operatives working for other governments are immune to lawsuits under the Foreign Sovereign Immunity Act. This 1976 law was crafted long before cyberattacks existed.
In dismissing Broidy’s case on sovereign immunity grounds, the federal judge asked Congress to consider an exception for foreign hackers. (There is already an exception to allow lawsuits against foreigners who carry out terrorist attacks.) It is time to expand exceptions in sovereign immunity, to stop safeguarding those who attack our citizens and pollute our politics.
The president’s new National Cyber Strategy should include updating the Foreign Sovereign Immunity Act. Many foreign nations have government assets in the United States—including sovereign wealth funds invested in Wall Street—and could be held accountable by our courts. If they knew that their assets could be at risk, they would stop attacking our citizens.
We are in the new age of Cyber Warfare. We have had multiple ‘Pearl Harbor’ cyber attacks by several nation states, or their agents, against our homeland.
If Congress and the president ignore the cyber threat, it will only worsen. All of our personal lives could be strategically leaked to the press, potential employers and spouses. The personal Hell visited on new Justice Kavanaugh could be visited on the rest of us by hostile governments.
Niger Innis is the chairman of the Congress on Racial Equality (CORE), one of the nation’s oldest civil-rights organizations. CORE has Consultative Status with the Economic and Social Council of the United Nations