The Saudi Prince & the Billionaire CEO: The Great Cybersecurity Breach of 2018

It has been confirmed that the phone of Amazon CEO and the world’s richest man, Jeff Bezos, was hacked, raising larger concern about cybersecurity problems for the everyman. 

Connecting the Dots 

How did Jeff Bezos find himself embroiled in a cybersecurity breach involving the Saudi Crown Prince? It seems like a rather random chain of events; however, this hacking was no coincidence. As well as founding Amazon, Bezos is also the owner of the Washington Post. In 2018, Jamal Khashoggi, a journalist for the Washington Post, was brutally murdered by Saudi agents allegedly following personal orders of the crown prince, Mohammed bin Salman. Khashoggi’s critical articles of the Saudi government made him a target and ultimately led to his untimely and scandalous murder. Now it has been revealed that around the same time, Bezos’ phone was hacked following a WhatsApp message from bin Salman. 

Why Now? 

The United Nations have called for an “immediate investigation” into the role played by Saudi Crown Prince Mohammed since the information of the hacking has gone public. Although it seems that Bezos has been suspicious of the Saudi government for quite some time and suspected this hacking to be part of a larger-scale campaign against The Washington Post and against Bezos. In October 2018, an online campaign against Bezos was said to have been launched, just shortly after the murder of Khashoggi. 

The Extent of the Security Breach 

Bezos was hacked back in May of 2018, reportedly after receiving a WhatsApp message from Saudi Prince Mohammed bin Salman. A team of specific cyber security experts was hired to aid Bezos in his investigations. The WhatsApp message purportedly contained a video file which, shortly after receipt, enabled the imperceptible transfer of hundreds of megabytes of data from the phone; without Bezos’s knowledge. It was not just this transfer; in the assessment carried out by UN investigators, it was revealed that more than 6 gigabytes of information was stolen from Bezos’s phone over the months following the initial message. Now, Bezos has broken his silence about the scandal by tweeting a picture of himself in attendance of Jamal Khashoggi’s memorial service with the hashtag “#Jamal”. 

Technical Details: 

Allegedly, Bezos & Crown Prince Mohammed met at an LA dinner party, where they exchanged numbers. Following this exchange, Bezos was sent via WhatsApp a message including a video file which, on the surface, seemed to be an telecommunications film in Arabic. After careful analysis, forensic experts concluded that there was nothing wrong or suspicious about the video itself. The mystery arises from a portion of cryptic and unreadable code, the type of code which is usually innocuous and helps WhatsApp transmit messages between users.  However, due to the encryption services of WhatsApp, researchers were unable to assess if the code contained any malicious software. 

Involvement of the Saudi Government 

Saudi Arabia are vehemently denying any involvement with this case of hacking with the Saudi embassy describing the allegations are “absurd”. Yet, there are other details suggesting that the Saudi government had access to Bezos’s phone and personal data. It is possible that the Saudi government was also involved in leaking personal images and messages revealing Bezos’ relationship with a TV anchor in the lead-up to his divorce.  Messages from November 2018 seem to suggest that Crown Prince Mohamad knew of the affair many months before the story became publicly aired. 

Implications for WhatsApp Users: 

For the good and the bad, we are not all billionaire CEO’s of one of the world’s biggest companies, making it less likely for us to be the target of a professional cybersecurity hack. This job is the result of significant investment and expert planning. Professionals warn that by keeping WhatsApp software up-to-date, it is unlikely that a hacking, especially at this size, will occur.