Saudi Arabia implicated in phone spying campaign against citizens in US

Saudi Arabia implicated in phone spying campaign against citizens in US
Riyadh has been accused of exploiting weaknesses in the global telecoms network to track the locations of its citizens abroad.
3 min read
29 March, 2020
Riyadh has previously been accused of hacking dissidents' phones using an Israeli spyware [Getty]
Saudi Arabia is suspected of exploiting weaknesses in the global mobile telecoms network to spy on its citizens in the United States, according to a whistleblower.

The whistleblower leaked data to The Guardian that appears to show millions of secret tracking requests from Saudi Arabia over a four-month period starting in November last year.

The requests sought to find the US location of Saudi-registered phones, and appeared to originate from the kingdom's three largest mobile companies.

The whistleblower told The Guardian they were unable to find any reasonable excuse for the volume of requests.

"There is no other explanation, no other technical reason to do this. Saudi Arabia is weaponising mobile technologies," they said.

Telecommunications and security experts who were shown the leaked data also agreed that it constituted evidence of a surveillance campaign by the Saudi state.

The data shows requests for location data routed through the SS7 global messaging system, which allows mobile phone operators to connect users around the world.

For example, a mobile user from Saudi Arabia travelling in the US and seeking to make a call back to the kingdom is routed through the SS7 network.

The SS7 system enables the tracking of phones. In many cases, this is for a perfectly ordinary reason.

When a US carrier receives a Provide Subscriber Information SS7 message, or PSI, from a foreign mobile operator, such requests are normally used to help determine mobile roaming charges.

Excessive use of PSI messages is known to be a hallmark of suspect location tracking, however.

The data seen by The Guardian appears to show that Saudi Arabia's three largest mobile phone operators - Zain, Mobily and Saudi Telecom - sent one US operator a combined average of 2.3m location requests per month between Novermber 2019 and March this year.

It also appears to show that Saudi mobile phones were being tracked as often as two to 13 times per hour as their users travelled through the US.

One of the Saudi operators also apparently sent another type of location requests - Provide Subscriber Location, or PSL, requests - that were blocked by US operators.

John Scott-Railton, a senior researcher at the University of Toronto's Citizen Lab, said the data appeared to show foreign agents "flagrantly abusing" flaws in the US mobile network to track people moving around the country.

"In this moment of crisis, phone companies, regulators and the Department of Justice should step up to prevent foreign powers from tracking us through our phones," he said.

It has previously been widely reported that the Saudi government has used spyware to hack the phones of dissidents abroad.

Amazon chief Jeff Bezos' phone was hacked last year, allegedly after he was sent an image laden with spyware by Saudi Crown Prince Mohammad bin Salman.
[Click to enlarge]

Canada-based Saudi dissident Omar Abdulaziz launched a legal case against an Israeli tech company in 2018 for selling its Pegasus phone-hacking software to Saudi Arabia.

Abdulaziz alleges Saudi Arabia attempted to hack his phone using the software, exposing his communications with Saudi journalist Jamal Khashoggi, with whom he was working on several pro-democracy projects, to prying eyes and ears.

London-based Saudi Ghanem al-Masarir al-Dosari has also accused Riyadh of using the NSO Group's Pegasus spyware to hack his phone.

Follow us on FacebookTwitter and Instagram to stay connected