The visit to London last week by Saudi crown prince Mohammed bin Salman drew well publicised protests, with hundreds of people gathering outside Downing Street to demonstrate against UK arms sales to Saudi Arabia and Riyadh’s military actions in Yemen, where thousands of civilians have been killed. Meanwhile, hacktivists claimed cyber attacks on the Bank of England, BP and Pipex, accompanying the announcements with hashtags such as #SaudiPrinceNotWelcome.
At the end of the week news emerged that the UK has agreed to supply Saudi Arabia with 48 Eurofighter Typhoon jets, a move likely to attract the attention of activists - both online and on the ground - in a variety of ways. Arms sales to Saudi Arabia have long been the focus of various campaigns, both because of the country’s well-known poor human rights record and, more recently, because of its air strikes on Yemen.
While campaigners from groups such as Stop the War, the Campaign Against Arms Trade (CAAT) or Amnesty International will continue to mount demonstrations, garnering further support via social media campaigns and petitions, there is a possibility that hacktivists may launch cyber attacks against a variety of targets.
BAE Systems, the company which has agreed to supply the military jet, would seem to be at particular risk. However, other major defence companies with related UK-based enterprises may also draw attention. These include Rolls-Royce, which is part of the consortium that manufactures the EJ200 engines for the Typhoon, and the Italian company Leonardo, which builds the radar and other systems for the jet in Edinburgh and Luton. Airbus, with several bases across the UK, is also part of the Typhoon programme.
Secondary targeting is another issue to consider: companies supplying goods or services to any of the major enterprises involved in military or arms trades with Saudi Arabia are all at risk of attack.
Hacktivist groups are also likely to pick up on the news that the UK and Saudi Arabia have signed a £100m aid agreement, described as a “new long-term partnership”, and designed to create and improve infrastructure in countries affected by conflict. The deal has already been criticised by opposition MPs, who view it as ignoring the role Riyadh has played in the war in Yemen.
Describing the agreement as a “national disgrace”, Kate Osamor, the shadow international development secretary, said it would “whitewash Saudi Arabia’s reputation and role in the war”. UK government websites such as the Department for International Development (DfID) could therefore also be targeted.
Meanwhile, hacktivists continue to launch attacks against Saudi Arabian websites as part of #OpYemen. This operation began in March 2017, and targets mainly comprise Saudi government or education websites. Just last week more than 3,000 email addresses and hashed passwords were leaked from a training institute.
#OpSaudi is one of the other operations that we have noted affecting a range of sectors in Saudi Arabia. This has been running since at least 2015, and while targets tend to comprise Saudi government sites, banks, investment organisations and commerce, any companies with bases in the country could come under attack, particularly those involved in the financial or energy industries.
Moving back to the UK and the large amount of media publicity seen as a result of the visit of the crown prince, we are advising all commercial enterprises with links to Saudi Arabia – particularly via the arms industry highlighted by the agreement signed with the UK – to ensure that their cyber security measures have been fully implemented and are regularly updated.