Dark Matter, Leading UAE Hacking Firm, Entices IDF Cyberwar Veterans at $1-Million a Pop, Israeli Media Report Censored
Haaretz reported recently week that the UAE spyware company, Dark Matter, the commercial subsidiary of UAE intelligence, has hired Israeli veterans of Unit 8200, the IDF SIGINT intelligence branch. The Israelis are enticed with astronomical salaries and perks, some as high as $1-million yearly excluding bonuses; along with villas on the seashore. In fact, an Israeli head-hunter told an Israeli reporter that offers below $400,000 aren’t even worth discussing with clients. They work at Dark Matter offices in Singapore or Cyprus.
The UAE company’s main rival is NGO Group, the international leader in cyber-hacking technology. The latter was recently sold to the UK venture capitalist, Stephen Peel, at a $1-billion (“unicorn”) company valuation. When NSO witnessed a sudden exodus of some of its top employees, a private investigator it hired discovered that Dark Matter was responsible for hiring away its top talent.
The UAE does not recognize Israel or have diplomatic relations with it. It’s ironic that Israel is sharing some of its most advanced cyber-weapons with a state which for decades expressed hostility towards it. But in the new regional reality created by Israel’s alliance with Sunni Gulf states against Iran, the unthinkable is now distinctly thinkable.
Much of this new commerce and military-intelligence sharing must be done under the table, because the Arab states still maintain a pro forma antipathy toward Israel. This poses an obstacle for Israelis wishing to work for such a company, since even having a passport with an Israeli visa stamp would disqualify a visitor from entering the UAE.
That’s why Dark Matter maintains offices outside the region in Cyprus and Singapore. Thus Israelis may work for the company without having to step foot in Abu Dhabi. It allows the UAE company to have its cake and eat it too. Similarly, many Israeli arms exporters also maintain subsidiaries outside Israel, routing export sales through them in order to shield the fact that their customers are often Gulf states. It is a fig leaf that satisfies Arab nations whose citizens might be angry were it known that Israel is providing surveillance technology used to monitor them.
Though Dark Matter claims only to take on clients who want defensive cyber-security protection, news reports cast doubt on the claim. They confirm that Dark Matter takes assignments from the UAE intelligence service which are offensive in nature and target those viewed as threats to the regime.
Reuters reported earlier this year, that Dark Matter had hired NSA veterans in a similar fashion to work on projects targeting human rights activists, journalists and other deemed opponents of the regime. In effect, the company operated as a semi-official branch of the country’s intelligence services. It absorbed the expertise of the U.S. employees and transferred it to UAE employees, so that it could develop native talent that operated at the same level as the most advanced global firms.
However, the U.S. employees balked when they learned that their targets were not criminals, drug dealers or terrorists, but rather political dissidents. Also, Dark Matter eventually tasked them with spying on U.S. citizens. One such employee reported this to the FBI which began an investigation into the company, which is ongoing.
In its earlier stages of technological development, the UAE intelligence service paid NSO Group $100-million to purchase its major spyware product, Pegasus. It used the malware to track human rights activists in the kingdom and intercept their communications. This is how Ahmed Mansour, one of the most prominent of these figures was arrested, convicted and imprisoned by the authorities there.
However, the intelligence services faced a major constraint in using NSO’s technology. Contractual obligations prohibited them from targeting either Israeli and American individuals. They resolve the problem by abandoning the Israeli spyware company entirely. Now, instead of buying the product, UAE goes direct to the source and hires away NSO engineers and Unit 8200 vets to develop spyware for itself. UAE and the Gulf states have become increasingly reliant on Israeli technology to control and police their repressive societies. Billions of dollars worth of advanced surveillance gear has been exported over several years by Israeli entrepreneurs like Mati Kochavi to these Gulf dictatorships in order to preserve stability and ferret out dissent amongst the citizenry.
Unit 8200 is the single largest unit in the Israeli army. Equivalent to the NSA, it is the jewel in the crown of the Israeli intelligence apparatus. Its mission is to spy on Palestinian and Arab targets, to detect which individuals are ripe for recruitment as Israeli informants, and monitor those targeted for missions or assassination.
These intelligence veterans are an especially good fit for Dark Matter, not only because they have some of the most advanced skills in the world, but because they are already trained to spy on Palestinians and others deemed hostile to Israel in the Arab world. They have language and technical skills to employ the most advanced methods of spying on their targets.
Unlike the NSA veterans mentioned above, many of these Israelis do not have moral compunctions about spying on behalf of an Emirati dictatorship. Not to mention that there is already a vast Israeli technology infrastructure employed on behalf of these repressive Sunni regimes. Adding human capital to this flow of expertise is a natural extension of the entire surveillance enterprise.
In many ways, these new cyber-security relationships are attractive. They reap huge financial rewards for Israeli businessmen like Kochavi and the Israeli companies which produce and export the equipment. They strengthen relationships with regimes Israel deems critical to its alliance against Iran.
There is no hesitation on the part of Israel’s cyber-security and weapons export sector in doing business with some of the most repressive regimes in the region. In fact, it does business with countries with even worse human rights records like South Sudan, Myanmar, and the Philippines, which have been accused of genocide. As for UAE, many see it as a patriotic duty now that Israel has allied itself with these Sunni states in the fight against Iran.
Darker Reasons for UAE-Israel Sharing of Spyware Secrets
But some Israelis warn of the dangers of permitting foreign states to learn the most advanced secrets of Israeli intelligence:
“Th[is] is de facto smuggling of Israeli intellectual property without any supervision of the [Israel Defense Ministry’s] Defense Export Controls Agency,”
Asked whether the Israeli programmers had received approval to work for Dark Matter, the defense ministry responded:
“In regard to Israeli citizens who ask to transfer supervised security intellectual property to a foreign entity…this is an activity that is required by law to be done with a sales and export license.”
The ministry refused to say whether these workers had obtained such permission. One way in which they bypass these prohibitions is to renounce their connection with Israel. Presumably, this means they’ve renounced Israeli citizenship (though that isn’t clear from the reporting). The defense ministry can then say that it no longer has any jurisdiction over the actions of the individual, who could be offering Israeli military secrets to an Arab state. Another method is for Dark Matter to create a subsidiary owned by a non-UAE citizen. They have such an arrangement with a company in Cyprus which is owned by a German citizen who is a UAE resident. In this way, the Israeli cyber-hackers can hire prominent Israeli lawyers to draft legal opinions vouching for the legality of the employment arrangement, since the employer is not the citizen of a hostile Arab state.
Why would Israeli intelligence and military look the other way at such leakage of its secret tools? Ronen Bergman recently wrote a piece for Yediot Achronot which answers this important question:
UAE maintains secret contacts with Israeli intelligence. Such contacts with a country which borders Iran would be far more important than any other considerations. “You’re dancing two dances at once,” explains a security source…”Israel has many interests in common with UAE, including its strategic importance.”
In fact, Bergman notes that it was an Israeli foreign ministry official serving in the Gulf (possibly UAE…and yes, there apparently are such diplomats there though there are no official relations between the countries) who alerted the Israeli journalist to the phenomenon.
To highlight how sensitive the reporting of such relationships is to the Israeli military, the English version of Bergman’s Yediot article has disappeared from the website. Either the military censor or a judicial gag order has likely caused it to be censored. Oddly, the original Hebrew version remains accessible.
History has proven that a country which today is an ally can become an enemy tomorrow, and vice versa. Should Dark Matter take on as a client an Israeli enemy, it would be able to then turn Israeli technology against Israel itself. And there would be little Israel could do. But Israel is willing to take the chance that its most valuable spyware will get into the hands of Dark Matter and UAE intelligence because the two countries are allied in an effort to both monitor and sabotage their mutual arch-enemy, Iran.
The U.S. has encouraged and facilitated such cooperation between the two countries:
Israel and the United Arab Emirates held secret meetings arranged by the U.S. in recent months to share information and coordinate efforts to counter what they see as the increasing threat posed by Iran, according to U.S. officials familiar with the clandestine diplomacy.
The meetings were convened by Brian Hook, the State Department’s top official for Iran, and are the latest sign of a steady thaw between Israel and Gulf Arab nations, largely brought about by their shared antipathy toward Tehran.
Israel has also participated in high tech expos in UAE designed to showcase Israel’s cyber-hacking prowess. These interchanges have been approved and facilitated by the highest level of Israeli intelligence.
I approached Dark Matter for comment and received no response.
9 thoughts on “Dark Matter, Leading UAE Hacking Firm, Entices IDF Cyberwar Veterans at $1-Million a Pop, Israeli Media Report Censored – Tikun Olam תיקון עולם إصلاح العالم”
Comments are published at the sole discretion of the owner.
Thank you for a very comprehensive coverage.
DarkMatter is also located in China and Oulu Finland … near Nokia Bell Labs and Oulu University of Applied Sciences. Ideal for recruitment of engineers …
Secretive UAE cybersecurity firm is operating in Finland
Iran is Israel’s mortal enemy.
Who is Israel going to ally with to fight Iran? Sweden? Norway?
No. Israel is going to ally with any State that is also opposed to Iran’s plan to dominate the Middle East and destroy Israel.
If not UAE and the Saudis, who should Israel ally with in her existential ‘Cold War’ with Iran?
Please name that country.
Would you rather Israel fight Iran alone? Have you considered what might happen if Israel is alone and facing a rapacious, malignant Iranian juggernaut?
Saudi Twitter employees, not Israelis, are responsible for hacking Saudi enemies, including prominent dissident Omar Abdulaziz, who later became close to Adanan Khashoggi.
@ Dr. Chukwuemeka: You are truly an idiot. Twitter employees cannot “hack” anyone. They can access a user’s Twitter data. But they cannot hack his or her phone or electronic devices as NSO could and did. This has already been proven by Citizen Lab. For spreading fake news, you are now moderated. Only comments which are truthful, accurate and credible will be published in future.
Mister Richard Silverstein,
“Twitter employees cannot “hack” anyone.”
“Abdulaziz last month sued Twitter, alleging it failed to alert him that his account had been hacked by Alzabarah despite, the suit says, Twitter having reason to believe that had happened.’
The Washington Post article used the term ‘hacked’.
You are truly an idiot, for not reading, not understanding, and for banning commenters who speak truth.
@ Doc Chukwuemeka: You claimed:
You claimed that NSO Group was not responsible for Khashoggi’s death because one of his Twitter accounts had been compromised. Khashoggi’s murder and the Twitter incident have nothing to do with each other. This is yet another fake attempt by you to muddy the waters.
No one at Twitter can hack anyone’s electronic devices. Hacking someone’s Twitter account is basically meaningless unless you have a protected account and wish to keep it private. Then if someone hacked it they could learn things you don’t want them to learn. But I’m virtually certain that the hacked account was not private and therefore there was little anyone could learn.
Did Saudis compromise his Twitter account? Sure. Did that contribute in any way to Khashoggi’s murder? Not a chance. Did NSO hack his electronic device? Sure. Did that contribute to Khashoggi’s murder? You bet.
Stop bullshitting. YOu are a liar and a fraud.
BTW, can you explain why you don’t exist anywhere on the web except in this blog’s comment threads? This is the only website on which you’ve ever published anything in your name? Rubbish. You and your persona reek like a dead fish. That’s why you are now moderated. I will not publish bullshit from you. In future, if you choose to post comments that respect the comment rules, your comments will be published. Otherwise, not.
Mr. Richard Silverstein,
“You claimed that NSO Group was not responsible for Khashoggi’s death because one of his Twitter accounts had been compromised ”
I said no such thing. You are setting up a ‘straw man’ to knock down.
You are the fraud and liar, beating down a week, straw dummy that cannot fight back.
PS. Internet is new and spotty in my village and costs money, so I can’t blog like Rich $ilverstein.
@ Doctor Chukwuemeka:
Here is what you wrote:
The Israelis you refer to above are NSO Group. You are claiming here that NSO Group could not be responsible for Khashoggi’s death because Twitter hackers hacked Abdelaziz’s account. Not NSO. This is clearly a false claim as I noted earlier since NSO Group DID hack Abdelaziz and numerous media outlets have attributed blame to NSO for leading to Khashoggi’s death. I don’t know whether you’re brain dead or can’t read or both. But your own words condemn you.
Ah, yes. You live in a Kenyan village with spotty internet, are a Nigerian Igbo Jew, make pretences of knowing U.S. jurisprudence, have no presence on the internet (other than here), and the only site you choose to visit is mine. Gimme a break. You’re as fake as a $3 bill.
You are a troll and I despise trolls. Your comments aren’t worth the energy it takes to rebut or even read them. You have not read the comment rules–no one calls me a liar, let alone a fraud. Not here. You have lost your comment privileges.
May I ask, How did you find out that the UAEs intelligence are HQed in that coin building?