The hack of a television station which became the spark that ignited diplomatic fury and sent Qatar into crisis mode was “extremely easy to carry out,” according to reports.
Sources speaking to Motherboard said Qatar’s state-owned television station and news agency the Qatar News Agency (QNA) had “terrible security” in place which allowed the attack to occur with little effort on the hackers’ side.
On May 23, QNA quoted Sheikh Tamim Al Thani, the current Emir of Qatar, as saying Iran was an “Islamic power that cannot be ignored” at a military ceremony.
Considering the tension in the Middle East, the pro-Iran comments were enough to cause an uprising from nearby countries — should the statement have been true. However, there was no factual basis for the report which was planted in QNA by unknown cyberattackers.
The damage was done. As the quotes came from the QNA, it was quickly spread to television and other news networks.
Hackers also took control of the news agency’s Twitter feed, posting statements falsely attributed to Qatar’s foreign minister, claiming the country official had uncovered a plot against Qatari people, there was “tension” between the country and the US administration, and ambassadors were being asked to withdraw from countries including Saudi Arabia, Egypt, Kuwait, and Bahrain.
The Emir was also quoted as saying that there was “no wisdom in harboring hostility toward Iran” and that it was a “big power in the stabilization of the region.”
According to Motherboard, a source familiar with the hack said the QNA “could’ve been owned by random script kiddies forever,” as “security at the organization was so bad that anyone and everyone could have been in there.”
The hackers were reportedly able to take complete control of the news agency’s web server, content management system (CMS), and all social media accounts. The hack itself was “nothing special,” but still was able to compromise the “entire QNA,” another source said.
While the country’s Government Communications Office was quick to refute the statements as false, with the relationship between Saudi Arabia and Qatar, in particular, having been strained since the Arab Spring when each side backed a different group, this was a powder keg ready to blow.
Tension has also been simmering since Qatar allegedly paid a ransom to an al-Qaeda affiliate in Syria to secure the release of kidnapped members of the royal family.
Bahrain, Saudi Arabia, the United Arab Emirates (UAE), and Egypt all withdrew their ambassadors at the same time due to the situation, with other nearby countries including Yemen quickly following suit.
At the time of writing, all flights from Saudi Arabia, Bahrain, the United Arab Emirates and Egypt to Qatar have been stopped, and Qatar has been barred from using much of the airspace around the country.
Saudi Arabia claimed the move was due to Qatar’s support of “Iranian-backed terrorist groups.”
All this, which is causing chaos for travel, panic buying due to worries that the import of food and other necessities will be limited and the loss of revenue for countless businesses both in and around the country, was potentially caused by a one or a few script kiddies.
The Qatari government has launched an inquiry into the cyberattack with the help of the Federal Bureau of Investigation (FBI) and the British National Commission for Combating Crime (NCA).
In a statement, Qatar’s Ministry of the Interior said the hackers used “high techniques and innovative methods by exploiting an electronic gap” on the QNA website, and a file which allowed the compromise to occur was installed last April.