Incident I00066: The online war between Qatar and Saudi Arabia

Summary: “In the early hours of 24 May 2017, a news story appeared on the website of Qatar's official news agency, QNA, reporting that the country's emir, Sheikh Tamim bin Hamad al-Thani, had made an astonishing speech.

[…]

“Qatar claimed that the QNA had been hacked. And they said the hack was designed to deliberately spread fake news about the country's leader and its foreign policies. The Qataris specifically blamed UAE, an allegation later repeated by a Washington Post report which cited US intelligence sources. The UAE categorically denied those reports.

“But the story of the emir's speech unleashed a media free-for-all. Within minutes, Saudi and UAE-owned TV networks - Al Arabiya and Sky News Arabia - picked up on the comments attributed to al-Thani. Both networks accused Qatar of funding extremist groups and of destabilising the region.”

This incident demonstrates how a hack of a mainstream news agency website allowed for an inauthentic narrative to be given a level of credibility which caused significant political fallout.
incident type: incident
Year started: 2017.0
Countries: , Qatar
Found via:
Date added: 2024-03-12

Reference	Pub Date	Authors	Org	Archive
https://www.bbc.co.uk/news/blogs-trending-44294826	2018/06/03	Owen Pinnell	BBC News	https://web.archive.org/web/20180605001510/https://www.bbc.com/news/blogs-trending-44294826

Technique	Description given for this incident
T0141.002 Acquire Compromised Website	IT00000216 "In the early hours of 24 May 2017, a news story appeared on the website of Qatar's official news agency, QNA, reporting that the country's emir, Sheikh Tamim bin Hamad al-Thani, had made an astonishing speech." "[…] "Qatar claimed that the QNA had been hacked. And they said the hack was designed to deliberately spread fake news about the country's leader and its foreign policies. The Qataris specifically blamed UAE, an allegation later repeated by a Washington Post report which cited US intelligence sources. The UAE categorically denied those reports. "But the story of the emir's speech unleashed a media free-for-all. Within minutes, Saudi and UAE-owned TV networks - Al Arabiya and Sky News Arabia - picked up on the comments attributed to al-Thani. Both networks accused Qatar of funding extremist groups and of destabilising the region." This incident demonstrates how threat actors used T0141.002: Acquire Compromised Website to allow for an inauthentic narrative to be given a level of credibility which caused significant political fallout.

Technique

Description given for this incident

T0141.002 Acquire Compromised Website

IT00000216 "In the early hours of 24 May 2017, a news story appeared on the website of Qatar's official news agency, QNA, reporting that the country's emir, Sheikh Tamim bin Hamad al-Thani, had made an astonishing speech."

"[…]

"Qatar claimed that the QNA had been hacked. And they said the hack was designed to deliberately spread fake news about the country's leader and its foreign policies. The Qataris specifically blamed UAE, an allegation later repeated by a Washington Post report which cited US intelligence sources. The UAE categorically denied those reports.

"But the story of the emir's speech unleashed a media free-for-all. Within minutes, Saudi and UAE-owned TV networks - Al Arabiya and Sky News Arabia - picked up on the comments attributed to al-Thani. Both networks accused Qatar of funding extremist groups and of destabilising the region."

This incident demonstrates how threat actors used T0141.002: Acquire Compromised Website to allow for an inauthentic narrative to be given a level of credibility which caused significant political fallout.

DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

3.0 KiB Raw Permalink Blame History

Incident I00066: The online war between Qatar and Saudi Arabia

3.0 KiB

Raw Permalink Blame History