# Incident I00066: The online war between Qatar and Saudi Arabia
* **Summary:** “In the early hours of 24 May 2017, a news story appeared on the website of Qatar's official news agency, QNA, reporting that the country's emir, Sheikh Tamim bin Hamad al-Thani, had made an astonishing speech.
[…]
“Qatar claimed that the QNA had been hacked. And they said the hack was designed to deliberately spread fake news about the country's leader and its foreign policies. The Qataris specifically blamed UAE, an allegation later repeated by a Washington Post report which cited US intelligence sources. The UAE categorically denied those reports.
“But the story of the emir's speech unleashed a media free-for-all. Within minutes, Saudi and UAE-owned TV networks - Al Arabiya and Sky News Arabia - picked up on the comments attributed to al-Thani. Both networks accused Qatar of funding extremist groups and of destabilising the region.”
This incident demonstrates how a hack of a mainstream news agency website allowed for an inauthentic narrative to be given a level of credibility which caused significant political fallout.
* **incident type**: incident
* **Year started:** 2017.0
* **Countries:** , Qatar
* **Found via:**
* **Date added:** 2024-03-12
| Reference | Pub Date | Authors | Org | Archive |
| --------- | -------- | ------- | --- | ------- |
| [https://www.bbc.co.uk/news/blogs-trending-44294826](https://www.bbc.co.uk/news/blogs-trending-44294826) | 2018/06/03 | Owen Pinnell | BBC News | [https://web.archive.org/web/20180605001510/https://www.bbc.com/news/blogs-trending-44294826](https://web.archive.org/web/20180605001510/https://www.bbc.com/news/blogs-trending-44294826) |
| Technique | Description given for this incident |
| --------- | ------------------------- |
| [T0150.005 Compromised Asset](../../generated_pages/techniques/T0150.005.md) | IT00000216 _"In the early hours of 24 May 2017, a news story appeared on the website of Qatar's official news agency, QNA, reporting that the country's emir, Sheikh Tamim bin Hamad al-Thani, had made an astonishing speech."_
_"[…]_
_"Qatar claimed that the QNA had been hacked. And they said the hack was designed to deliberately spread fake news about the country's leader and its foreign policies. The Qataris specifically blamed UAE, an allegation later repeated by a Washington Post report which cited US intelligence sources. The UAE categorically denied those reports._
_"But the story of the emir's speech unleashed a media free-for-all. Within minutes, Saudi and UAE-owned TV networks - Al Arabiya and Sky News Arabia - picked up on the comments attributed to al-Thani. Both networks accused Qatar of funding extremist groups and of destabilising the region."_
This incident demonstrates how threat actors used a compromised website to allow for an inauthentic narrative to be given a level of credibility which caused significant political fallout (T0097.202: News Outlet Persona, T0143.003: Impersonated Persona, T0152.004: Website Asset, T0150.005: Compromised Asset). |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW