The ongoing Gulf feud between the small but rich country of Qatar versus its biggest friends and neighbouring countries of Saudi Arabia, UAE, Egypt and Bahrain continued their year-long conflict with more cyber-attacks in mind. #OpQatar Hacks are targeting and leaking sensitive information from their citizens and agencies once again.
#OpQatar reached mainstream media on year 2013, but its first related major instance of hacking was recorded last May 2017, when Qatar News Agency’s website was anonymously hacked and slandered. The hackers posted a quote that they attributed to Sheikh Tamim bin Hamad al-Thani, Qatar’s current emir, which was about his complaint to US Foreign Policy and his alleged support of Islamic extremist groups. Qatar denied its validity afterwards and related the whole incident to hackers backed by UAE government, which they deny as well.
Another targeted hacking was reported on September of last year, when Qatar state website was hacked by Anonymous – a secret decentralized hacktivist organization. They outrightly mentioned the attack coming from Saudi Arabia, which leads to conclude that the motivation for the attack was likely due to disputes between Qatar and Saudi Arabia.
Fast forward to this year and it appears that #OpQatar related hacks are even stronger and more coordinated than ever. Just this month, anonymous hackers managed to leak sensitive documents and images from Qatar Customs to public Internet. They have also penetrated legitimate markets in Qatar and leaked its rules and relationships with regard to social sites and their government. Moreover, a great number of leaked private IDs and documentations were released by several anonymous hackers – all Qatari citizens.
Hacking incidents such as these will surely continue for the coming weeks, as warned by one of the anonymous hackers in one of their tweets. Whether living inside the State of Qatar or not, #OpQatar proves how we take cybersecurity for granted. Hackers only need to get creative and they can bypass a lot of tried and tested defenses. Ideally all cyber defenses should continually be put to the test, and once in a while adapt a hacker’s mindset.
But in actuality, nothing is perpetually invulnerable these days, and so organizations that highly value information security should devote a lot of their resources and effort designing ways to mitigate losses if a security breach happens.