DarkMatter Threat Actor Profile

OFFENSIVE CYBER
GROUP IN DEPTH
A Macquarie University
CiLab - PACE Project

2021 | JANUARY CYBER INTELLIGENCE LAB

 BACKGROUND

BACKGROUND Ties to United Arab Emirates Government and its

Signals Intelligence Agency (SIA), formerly known as
National Electronic Security Authority (NESA)

TARGETS Human Rights Activists

Journalists
Governments
Terrorists

MOTIVE State Surveillance

DarkMatter promotes itself as a top tier cyber defence group, and claims to
offer services protection against potential threats for government agencies,
enterprises and individuals. It leverages a range of protocols, products and
services, such as network security, bug sweeping and a 'cyber-secure'
mobile phone.

DarkMatter was founded in the United Arab Emirates (UAE) in 2014

following Project Raven, an offensive operational division of the UAE’s
Signals Intelligence Agency (SIA), which monitored opposition to the
Emirates government. The Project hired former intelligence operatives from
the USA and other countries, including whistleblower Lori Stroud from the
NSA who exposed widespread abuses. Stroud professed that fellow
Americans, political rivals, human rights activists and those criticising the
Emirati government were being targeted.

Allegedly a hacking service, DarkMatter utilises surveillance techniques

taught by ex-NSA intelligence officers to hack and shut down threats - all
being concealed under the idea of national security.

Through the analysis of the company’s background, executive team,

technical means, principal targets as well as its ties with other
organisations, we can conclude that DarkMatter is not a typical
cybersecurity company. It can be more closely described as offensive cyber
for hire. They assist the UAE and other gulf nations and their intelligence
agencies to conduct offensive cyber intrusions and surveillance of
individuals both at home and abroad that are critical of their actions.

2021 | JANUARY 2 CYBER INTELLIGENCE LAB

 FOUNDER
AND CEO

FAISAL AL BANNAI
Faisal Al Bannai founded DarkMatter in
2014 before it was sold to multiple
parties in late 2019. Al Bannai is the
son of a retired major general of the
Dubai police and was also the founder
of Axiom Telecom. He has since
become the CEO and Managing
Director of EDGE, a conglomerate of 25
state-owned and private companies,
which develop 'state-of-the-art'
technologies and solutions in areas
such as cyber defence, missiles,
electronic warfare and intelligence.
Faisal Al Bannai, Founder, DarkMatter.
Source: Entrepreneur n.d.

KARIM SABBAGH
Karim Sabbagh was appointed CEO of
DarkMatter in 2018. Sabbagh was once
the Senior Vice President of Booz Allen
Hamilton (1998-2003), the firm that
employed whistleblower Edward
Snowden who leaked sensitive
information about US surveillance
programs in 2013. Previously, he
served as the President & CEO of SES
(2013-2018), a Luxembourg firm that
provides secure satellite and ground
communications solutions. He
Karim Michel Sabbagh, former CEO, departed in 2019 after DarkMatter was
acquired.
DarkMatter. Source: SpaceNews 2016.

2021 | JANUARY 3 CYBER INTELLIGENCE LAB

2018 | MARCH MEMPHIS SOLUTIONS

TECHNICAL DarkMatter is a sophisticated threat actor

capable of deploying a wide range of
technical and deception techniques against
MEANS their targets.

DarkMatter focuses mainly on offensive

strategies using social engineering tactics
with malware to steal information and
infiltrate their targets (Marczak & Scott-
Railton 2016a).

DarkMatter’s Project Raven used many tools to carry out offensive cyber-
attacks such as spear phishing, installing backdoors, exploiting zero-day
vulnerabilities and installing malware (Farley 2019).

Their most well-known spyware is called Karma, which was bought from a
foreign vendor whose name and location could not be determined (Bing &
Schectman 2019d).

KARMA
Karma provided the UAE with the ability to hack iPhones throughout 2016
and 2017 to obtain photos, emails, text messages and geolocation
information from their target's smartphones.

This also gave UAE the ability to access saved passwords, which allowed
access to other personal data and information (Bing & Schectman 2019a).

Karma granted access to iPhones by uploading phone numbers or email

accounts into an automated targeting system.

Although the tool does not work on Android devices and is unable to
intercept phone calls, it remains potent since it did not require a target to
click on the link that is sent to compromise their mobile devices.

It is believed that Karma was no longer used by late 2017, when iPhone
software security updates made it less effective.

However, DarkMatter has continued its surveillance operations since then

either through an improved variant or the use of other tools at their
disposal.

2021 | JANUARY 4 CYBER INTELLIGENCE LAB

2018 | MARCH MEMPHIS SOLUTIONS

STEALTH FALCON
DarkMatter’s project Stealth Falcon carried out an attack on state-run Qatar
News Agency. DarkMatter used the below methods to publish fake news
articles to dispute official Qatari statements (Al Jazeera 2017).

Figure 1: Example of Technical Means and Methods: Stealth Falcon.

Source: Graphic made with

information sourced from
Marczak & Scott-Railton 2016b.

2021 | JANUARY 5 CYBER INTELLIGENCE LAB

 TARGETS
Whilst the development of UAE cyber capabilities was associated with
mitigating terror threats following 9/11, individuals that became their
targets go well beyond the category of 'terrorists'.

DarkMatter continues to act in accordance with UAE’s political agenda to

preserve the status quo and targets individuals including human rights
activists, journalists and dissidents who challenge or criticise the regime.

HUMAN RIGHTS ACTIVISTS AND

THEIR AFFILIATED ORGANISATIONS
DarkMatter is suspected of targeting human rights activists that criticise
the UAE government.

Ahmed Mansoor (pictured right), a

well-known Emirati activist, has
been revealed as a key target of
Project Raven for a number of
years.

Through evidence revealed in first-

hand accounts that were published
in 2019, Reuters mentioned that
Mansoor was targeted by
DarkMatter after publicly criticising
UAE’s war in Yemen, the treatment
of migrant workers and detention of
political opponents.

Mansoor was also surveilled by the Source: Human Rights Watch 2019
UAE government and DarkMatter
through the cyber-espionage Project Raven using Karma. They
platform, Karma. gave her the code name ‘Purple
Egret,’ which was revealed in the
As a result of the covert program’s exposed documents.
surveillance, Mansoor was
sentenced in a secret trial in 2017 Mansoor was also the target of
for allegedly 'damaging the another offensive cybersecurity firm
country's unity' and sentenced to 10 (NSO Group) affiliated with the
years in jail. Israeli government. NSO Group
made its first deal with the UAE in
Mansoor was not the only target. In 2013, and were caught one year
2017, the mobile device of his wife, later deploying NSO spyware into
Nadia, had also been monitored by Mansoor’s mobile phone.

2021 | JANUARY 6 CYBER INTELLIGENCE LAB

 JOURNALISTS

DarkMatter is suspected of attacking journalists and their close associates

for criticising the UAE Government.

Rori Donaghy (pictured right) from

the United Kingdom (UK) was
targeted by Project Raven, which
later became known as DarkMatter.

Unbeknownst to Donaghy, he was

considered a top national security
target of the UAE government for
over five years.

He was previously a news editor

with the Middle East Eye who also
acted as the Director of the
Emirates Centre for Human Rights
from 2012 until 2014, a UK human Source: Bing & Schectman 2019a
rights organisation centred on the
UAE. The perpetrator sent numerous
emails and tweets from UAE
Similar to Mansoor, his relatives, citizens’ accounts who had
partner and close associates previously been arrested by
became the targets of surveillance authorities featuring URLs
by DarkMatter. embedded with their spyware.

Posing as a human rights activist, a Donaghy suggested that it was

Raven operative initiated contact common for the UAE to take control
with Donaghy online and prompted of the accounts of arrested political
him to download a piece of activists or dissidents in an attempt
software. to lure in other targets they would
want to surveil.
Image 1. A phishing email containing a link, which
requires no user interaction to install the malware
received by Donaghy. Source: Marczak & Scott-
Railton 2016b

Image 2. The link contained a

document detailing a plea to
uphold human rights directed to
unsuspecting victims. Source:
Marczak & Scott-Railton 2016b

2021 | JANUARY 7 CYBER INTELLIGENCE LAB

 GOVERNMENTS, UNITED NATIONS
AND FIFA WORLD CUP
Following the Arab Spring, there was mass instability within the region,
with uprisings posing a major threat to the UAE Monarchy.

International media has reported

that Qatar was a strong supporter
of the uprisings and a known backer
of rebel groups that attempted to
overthrow the Syrian President at
the time. This added to existing
frictions between the UAE and
Qatar.

This led DarkMatter to launch an

attack on hundreds of Qatari
government officials in 2014.

More recently, there was an attack

launched against the United Source: FIFA Official Website
Nations offices in New York. The
intention behind the act was to be politically motivated (Bing &
compromise email accounts Schectman 2019c).
belonging to the diplomatic
representatives of governments The UAE intended to access
considered rivals of the UAE. damaging information against
Qatar, through the hacking of FIFA
A UN spokesperson has confirmed executive accounts. Collected
that there was a security incident information would then be used to
that was identified but did not embarrass Qatar, and draw into
confirm whether any information question their bid for the 2022 FIFA
was breached or acquired from the World Cup (Ahmed 2019).
attack.
However, it has been difficult to
The attack also targeted FIFA establish a pattern in victimisation
executives, which was believed to beyond opponents of the UAE.

2021 | JANUARY 8 CYBER INTELLIGENCE LAB

 NETWORKS
DarkMatter has close ties to both domestic and foreign entities
consisting of state-sponsored and private cybersecurity companies.
These organisations, similarly to DarkMatter, also share an interest in
developing offensive cyber and state surveillance capabilities.

Known to work closely with UAE’s government and intelligence agencies,

DarkMatter and its networks are part of a growing number of entities that
are utilised by the Emirati government to carry out its national security
objectives.

PAX AI
PAX AI is a subsidiary of DarkMatter, previously known as
Pegasus. PAX AI is headed by CEO Peng Xiao and has become a
division of Group 42 (G42), a leading artificial intelligence and
cloud computing company based in the UAE. G42 is known to be
the sole registered shareholder of ToTok, a messaging app that
has been used by the Emirati government as a spying tool.

Image 3. Connections between DarkMatter and Pax AI Through G42, PAX AI has
ties with the country’s
intelligence apparatus
and Emirati officials, such
as Tahnoun bin
Mohammed Al Nahyan,
the country’s National
Security Advisor and son
of the founding father. It
has been under scrutiny
for hiring former NSA, CIA
and Israeli intelligence
operatives to conduct
state surveillance against
journalists, human rights
activists, and dissidents
(Associated Press 2020).

Source: Marczak (2020)

PAX AI is also reportedly capable of monitoring any individual in the UAE

with the use of surveillance devices implanted in cities, working closely
with the Dubai police in big data and 'Smart-City' solutions (Benito 2020).

Although PAX AI representatives refuse to comment on DarkMatter,

LinkedIn accounts reveal that G42 and PAX AI have absorbed many former
DarkMatter employees into their companies over the years (Associated
Press 2020).

2021 | JANUARY 9 CYBER INTELLIGENCE LAB

 HUAWEI
In 2017, Huawei signed a global Memorandum of Understanding
(MoU) with Pegasus (now PAX AI) on solutions for 'Smart-City'
and big data.

The agreement solidified their partnership in developing

technology and professional capabilities, such as Huawei’s
Public Safety Cloud and Big Data Solution, as well as Pegasus’
Big Data Analytics applications. The MoU also aimed to
increase cooperation in order to share, exchange, store and
process data between the two entities (Olt News 2020). This
would allow Huawei to collect actionable intelligence to provide
'Smart City' solutions.

However, Huawei has also received criticism for investing

heavily in surveillance equipment, facial recognition technology
and wireless access controllers, which could be used for
state surveillance.

Huawei and Pegasus

signed a MoU
agreement
in 2017.

Source: TRT/Huawei

CYBERPOINT
CyberPoint was founded in Baltimore, Maryland, by Karl Gumtow
in 2009. The company was responsible for recruiting as well as
facilitating the transition of retired NSA operatives, including
DarkMatter’s whistleblower Lori Stroud, to be involved in Project
Raven (Malicious Life n.d.).

Reports have revealed that the Emirati government requested

CyberPoint to train members of its Signals Intelligence Agency
(SIA) and sell surveillance equipment that would later be used
to monitor US citizens (Sarmin n.d.). American staff however
were not willing or able to perform those operations.

As a result, DarkMatter replaced CyberPoint in 2015 as the UAE

grew increasingly uncomfortable with their core state
intelligence program being controlled by foreigners.
Consequently, UAE defense officials provided CyberPoint staff
the option to join DarkMatter or leave, to which many chose the
former (Rahman Sarmin n.d.).

2021 | JANUARY 10 CYBER INTELLIGENCE LAB

 NSO GROUP
NSO Group was founded in Israel, and is a DarkMatter
competitor. Although improved bilateral relations between the
UAE and Israel could witness increased cooperation,
governments and cybersecurity firms in the Middle East
compete fiercely in luring top hacking talents from countries
such as Israel and the United States (Ganon and Ravet 2020).

According to a New York Times report (2019), DarkMatter and

other cybersecurity firms in the region recruit operatives from
Unit 8200 - Israel’s elite signals intelligence group - with
promises of extravagant salaries and lavish properties. In
2017, NSO Group was reported to have lost a considerable
portion of its Unit 8200 graduates to a research and
development facility owned by DarkMatter in Cyprus (Ziv 2019).

NSO Group developed its own surveillance tool named Pegasus

(not to be confused with the DarkMatter subsidiary) capable of
intercepting phone calls, texts, emails, contacts, location and
any data transmitted over apps like Facebook, WhatsApp and
Skype.

Additionally, NSO Group assisted countries such as the UAE

and Saudi Arabia using Pegasus to surveil renowned slain
Saudi critic Jamal Khashoggi.

Image 4. Pegasus, a spying tool that is capable of

hacking Android and iOS devices.

Source: Khandelwal 2018.

2021 | JANUARY 11 CYBER INTELLIGENCE LAB

 CONCLUSION
DarkMatter was founded by Faisal Al Bannai in the UAE in 2014, and has
been mired in controversy for working with the country’s intelligence
apparatus to conduct cyber intrusions and state surveillance.

DarkMatter relies on offensive strategies and techniques taught by

former intelligence operatives from countries such as the US and Israel,
sending spear-phishing emails with malware to infiltrate their target’s
mobile devices to steal information.

The Group portrays itself as a provider of cyber protection solutions.

However, it has been exposed for committing a number of high-profile
intrusions against prominent human rights activists, journalists,
governments including their own officials and citizens who are critical
of the UAE such as Emirati activist Ahmed Mansoor and British
journalist Rori Donaghy.

The main spyware tool used is known as Karma, which was able to
exploit specific iPhone security vulnerabilities to grant access to data
stored on their target’s smartphone, including photos, emails, text
messages and geolocation information.

Moreover, DarkMatter has ties with other state-sponsored cybersecurity

and defense entities in the UAE. This includes Pax AI and Group 42,
sharing personnel, techniques and technologies.

In conclusion, DarkMatter is not the image it portrays to the general

public. The group undertakes illegal operations and pose a large threat
to individuals and organisations, though it remains difficult to establish
a pattern of victimisation beyond opponents of the UAE.

2021 | JANUARY 12 CYBER INTELLIGENCE LAB

 AUTHORS
This report was prepared in collaboration with:

CiLab Master Interns:

Amanta Cotan
Andreane Laurin
Priandhini Triana Asih (Leader)

PACE Team Members:

Omar Moussa
Michela Mueller
Ellen Munns (Leader)
Hannah Power
Emily Rich
Sydney Smith
Chloe Summerson
Rachael Tuilaselase
Emilia Turnbull (Leader)
Sam Vasic
Olivia Zibara

Academic Mentors:
Stephen McCombie
Fred Smith
Allon J Uhlmann

2021 | JANUARY 13 CYBER INTELLIGENCE LAB

 BIBLIOGRAPHY
Ahmed, N 2019, ‘UAE targeted UN and FIFA Using American Al-Qaeda Spy
Programme’, Middle East Monitor, 11 December 2019, viewed 8 October
2020, <https://www.middleeastmonitor.com/20191211-uae-targeted-un-
and-fifa-using-american-al-qaeda-spy-programme/>.

Al Jazeera 2017, ‘Qatar to prosecute perpetrators of QNA hacking’, Al

Jazeera, 24 May 2017, viewed 8 October 2020,
<https://www.aljazeera.com/news/2017/05/24/qatar-to-prosecute-
perpetrators-of-qna-hacking/>.

Arab Unreported 2019, ‘Project Raven: UAE Cyber Surveillance that Used
Americans to Supress Freedom’, Medium, 30 June, viewed 20 September
2020, <https://medium.com/@arabunreported/project-raven-uae-cyber-
surveillance-1efe0ffbc13b>.

Associated Press 2020, ‘Co-creator Defends Suspected UAE Spying App

Called ToTok’, VOA News, 2 January 2020, viewed 12 January 2021,
<https://www.voanews.com/middle-east/co-creator-defends-suspected-
uae-spying-app-called-totok/>.

Benito, A 2020, ‘Police look to AI, robots to make Dubai the world's safest
big city’, CIO Australia, 26 July 2020, viewed 12 January 2021,
<https://www.cio.com/article/3567066/police-look-to-ai-robots-to-make-
dubai-the-worlds-safest-big-city.html/>.

Bensaid, A 2019, ‘The UAE’s covert web of spies, hackers and mercenary
death squads’, TRT World, 5 February 2019, viewed 18 December 2020,
<https://www.trtworld.com/magazine/the-uae-s-covert-web-of-spies-
hackers-and-mercenary-death-squads-23805/>.

Bing, C & Schectman, J 2019a, ‘Project Raven: U.A.E deployed former

American spies to hack iPhones of foreign leaders, activists’, National
Post, 30 June, viewed 9 October 2020,
<https://nationalpost.com/news/world/u-a-e-used-cyber-super-weapon-
to-spy-on-iphone-of-foes>.

Bing, C & Schectman, J 2019b, ‘White House Veterans Helped Gulf

Monarchy Build Secret Surveillance Unit’, Reuters, December 10, viewed
12 October 2020,
<https://www.reuters.com/article/us-usa-raven-whitehouse-
specialreport-idUSKBN1YE1OB>.

Bing, C & Schectman, J 2019c, ‘Inside the UAE’s Secret Hacking Team of
American Mercenaries’, Reuters, 30 January 2019, viewed 12 January
2021, <https://www.reuters.com/investigates/special-report/usa-spying-
raven/>.

2021 | JANUARY 14 CYBER INTELLIGENCE LAB

 BIBLIOGRAPHY
Consultancy Me 2019, ‘UAE defence group CEO Faisal Al Bannai sells
cyber-consultancy DarkMatter’, 20 November 2019, viewed 18 December
2020, <https://www.consultancy-me.com/news/2476/uae-defence-group-
ceo-faisal-al-bannai-sells-cyber-consultancy-darkmatter/>.

CTech 2019, ‘Emirati Spying App Is Linked to Company Employing Former

NSO Programmers, Report Says’, Calcalist, 23 December 2019, viewed 22
December 2020, <https://www.calcalistech.com/ctech/articles/0,7340,L-
3776322,00.html/>.

CyberPoint, n.d., ‘Company’, viewed 21 December 2020,

<https://www.cyberpointllc.com/>.

Da Cruz, J & Pedron, S 2020, ‘Cyber Mercenaries: A New Threat to

National Security’, International Social Science Review, vol. 96, no. 2, pp.
1-34.

Donaghy, R 2016, ‘Abu Dhabi announces launch of Israeli-installed mass

surveillance system’, Open Democracy, 15 July 2016, viewed 8 January
2021, <https://www.opendemocracy.net/en/north-africa-west-asia/abu-
dhabi-announces-launch-of-israeli-installed-mass-surveillance-system/>.

Donaghy, R 2016a, ‘UAE recruiting ‘elite task force’ for secret surveillance
state’, Open Democracy, 3 August 2016, viewed 17 December 2020,
<https://www.opendemocracy.net/en/north-africa-west-asia/uae-
recruiting-elite-task-force-for-secret-surveillance-state/>.

Entrepreneur Middle East n.d., ‘Follow The Leader: Faisal Al Bannai, CEO,
DarkMatter’, viewed 22 December 2020,
<https://www.entrepreneur.com/article/279231/>.

Farley, T 2019, ‘Stealth Falcon, Project Raven, and the UAE: How the U.S.
Became Entangled in the Hacking of Human Rights Activists’, The
Patterson Journal of International Affairs, viewed 25 August,
<http://pattersonjournal.com/2019/11/19/stealth-falcon-apt/>.

Gallagher, S 2019, ‘UAE buys its way toward supremacy in Gulf cyberwar,
using US and Israeli experts’, Ars Technica, 2 February 2019, viewed 21
December 2020, <https://arstechnica.com/information-
technology/2019/02/uae-buys-its-way-toward-supremacy-in-gulf-
cyberwar-using-us-and-israeli-experts/>.

Ganon, T & Ravet H 2020, ‘The Dodgy Framework and the Middlemen: how
NSO Sold its First Pegasus License’, Calcalist, 24 February 2020, viewed
12 January 2021, <https://www.calcalistech.com/ctech/articles/0,7340,L-
3796112,00.html/>.

2021 | JANUARY 15 CYBER INTELLIGENCE LAB

 BIBLIOGRAPHY
George, D 2019, ‘Revealed: The Truth Behind the 2022 FIFA World Cup
Preparations in Qatar’, Essentially Sports, 11 June 2019, viewed 23
November 2020, <https://www.essentiallysports.com/the-truth-behind-
the-2022-fifa-world-cup-preparations-in-qatar/>.

Human Rights Watch 2019, ‘UAE: Free Unjustly Detained Rights Defender
Ahmed Mansoor’, 16 October 2019, viewed 24 November 2020,
<https://www.hrw.org/news/2019/10/16/uae-free-unjustly-detained-
rights-defender-ahmed-mansoor/>.

Khandelwal, S 2018, ‘Powerful Android and iOS Spyware Found Deployed

in 45 Countries’, The Hacker News, 18 September 2018, viewed 17
December 2020, <https://thehackernews.com/2018/09/android-ios-
hacking-tool.html/>.

Malicious Life n.d.,’ToTok, Part 3: Becoming a Spyware Superpower’,

viewed 4 January 2021, <https://malicious.life/episode/episode-77/>.

Marczak, B 2020, ‘A Breej too Far: How Abu Dhabi’s Spy Sheikh hid his
Chat App in Plain Sight’, Medium, 3 January 2020, viewed 22 December
2020, <https://medium.com/@billmarczak/how-tahnoon-bin-zayed-hid-
totok-in-plain-sight-group-42-breej-4e6c06c93ba6/>.

Marczak, B & Scott-Railton, J 2016, ‘The Million Dollar Dissident NSO

Group’s iPhone Zero-Days used against a UAE Human Rights Defender’,
The Citizen Lab, 24 August 2016, viewed 4 January 2021,
<https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-
nso-group-uae/?>.

Marczak, B & Scott-Railton, J 2016a, ‘Keep Calm and (Don’t) Enable

Macros, A New Threat Actor Targets UAE Dissidents’, The Citizen Lab, 24
August, viewed 25 August 2020, <https://citizenlab.ca/2016/05/stealth-
falcon/>.

Marczak, B & Scott-Railton, J 2016b, ‘The Million Dollar Dissident NSO

Group’s iPhone Zero-Days Used Against A UAE Human Rights Defender’,
The Citizen Lab, 24 August, viewed 12 October 2020,
<https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-
nso-group-uae/>.

2021 | JANUARY 16 CYBER INTELLIGENCE LAB

 BIBLIOGRAPHY
Mazzetti, M, Goldman, A, Bergman R & Perlroth, N 2019, ‘A New Age of
Warfare: How Internet Mercenaries Do Battle for Authoritarian
Governments’, The New York Times, 21 March 2019, viewed 22 December
2020, <https://www.nytimes.com/2019/03/21/us/politics/government-
hackers-nso-darkmatter.html/>.

Perez, JC 2008, ‘Customers Trust MicroStrategy's Independence’,

PCWorld, 21 January 2008, viewed 8 January 2021,
<https://www.pcworld.com/article/141566/article.html/>.

Rhysider, J 2019, Ep 47: Project Raven, podcast, Darknet Diaries, viewed 9

October 2020, <https://darknetdiaries.com/episode/47/>.

Sabbagh, KM 2016, ‘Op-Ed | On the health of the commercial satellite

industry’, Space News, 19 May 2016, viewed 17 December 2020,
<https://spacenews.com/op-ed-ses-chief-executive-karim-michel-
sabbagh/>.

Sarmin, R n.d., ‘How DarkMatter Used Aglaya and CyberPoint to Build A

Shady Surveillance Operation for UAE’, viewed 21 December 2020,
<https://www.indiehackers.com/@rahmansarmin/9b28c8fd69/>.

Schectman, J & Bing, C 2019, ‘ UAE Used Cyber Super-Weapon to Spy on

iPhones of Foes’, Reuters, 30 January 2019, viewed 23 November 2020,
<https://www.reuters.com/investigates/special-report/usa-spying-
karma/>.

Topio Networks n.d., ‘Peng Xiao’, viewed 8 January 2021,

<https://www.topionetworks.com/people/peng-xiao-
52a180931dedae5643000756/>.

United Nations n.d., ‘Visitor Centre’, viewed 12 January 2021,

<https://visit.un.org/>.

Ziv, A 2019, ‘Mysterious UAE Cyber Firm Luring ex-Israeli Intel Officers
with Astronomical Salaries’, Haaretz, 16 October, viewed 20 September
2020, <https://www.haaretz.com/israel-news/.premium-mysterious-uae-
cyber-firm-luring-ex-israeli-intel-officers-with-astronomical-salaries-
1.7991274>.

2021 | JANUARY 17 CYBER INTELLIGENCE LAB