Issued by CEMO Center - Paris
ad a b
ad ad ad

Campaign of spying and blackmail for Qatar

Saturday 04/July/2020 - 12:53 PM
The Reference

A diplomatic confidant of Jared Kushner was hacked by former CIA agents working for the Gulf state of Qatar as part of a years-long campaign of spying and blackmail, new court documents claim.

The former agents are accused of illegal computer hacking by Donald Trump's one-time fundraiser, Elliott Broidy, who alleges Qatar paid $100million to private consulting firm Global Risk Advisors (GRA).

The company and its ex-spy founder Kevin Chalker used hackers with experience in the US Special Forces and intelligence branches to further the Gulf state's foreign policy and even 'intercepted sensitive and private information of U.S. Citizens,' according to a federal lawsuit.

Broidy accuses Qatar of paying GRA for years to hack, surveil or silence:

A top Middle Eastern diplomat who was reportedly 'in constant contact' with Jared Kushner and close to other 'high-ranking' US officials; American citizens who were outspoken critics of the Gulf nation; Soccer executives and investigators probing alleged bribery in Qatar's World Cup hosting bid; At least 1,000 others around the world.

Broidy, the former deputy finance chairman of the Republican National Committee and a prominent backer of President Donald Trump, sued Chalker and GRA last year for allegedly hacking his emails and leaking them to the press in 2018, claiming it was done because of his criticism of Qatar.

The emails – which Broidy claims were partly fabricated and taken out of context – sparked a flurry of embarrassing stories about the ex-GOP fundraiser and reportedly fueled a criminal investigation into his dealings with foreign nations.

That year Broidy was also hit with claims of impregnating a former Playboy model, Shera Behcard.

He negotiated a $1.6 million settlement with the woman using Michael Cohen, then Trump's attorney, now an enemy of the president who is on early release from his sentence for campaign finance violations and other offenses.

Broidy filed an amended complaint in the New York federal case against GRA on Friday.

GRA's lawyer told the allegations were false and that Broidy 'has a well-documented history of dishonesty'. Qatar has previously denied hacking.

In his 112-page filing, Broidy described Chalker and his company as criminals willing to break laws and sell private information regardless of the implications for American interests for millions of dollars.

The former GOP fundraiser even claimed that the ex-CIA agent took his staff to New York strip club Sapphire Gentleman's Club to celebrate the launch of their alleged hack on Broidy's emails in December 2017.

'Since its founding, GRA's business model has been to sell decades' worth of U.S. covert operations training and surveillance skills for lucrative sums to foreign clients like Qatar (by far GRA's biggest client), regardless of the implications for Americans or American interests,' the bombshell lawsuit claimed.

'GRA is comprised of former national security and military personnel trained in all levels of cyber warfare. Founded and led by Kevin Chalker, a former CIA officer and cyberwarfare expert, GRA specifically employs experienced hackers from the intelligence and military communities.

'Qatar turned to GRA for support in hacking, surveillance, and using the resulting materials to denigrate and silence those whom the wealthy emirate viewed as potential threats.'

Hacking Kushner's confidant

Broidy's lawsuit claims GRA was paid tens of millions of dollars for a hack that ultimately gathered information on senior US officials.

The court documents claimed GRA infiltrated the private communications of the powerful and well-connected ambassador to the U.S. for Qatar's Gulf rival the United Arab Emirates (UAE) and leaked them to the media in 2017.

The lawsuit referenced a 2017 Huffington Post article which claimed UAE Ambassador Yousef Al Otaiba was 'in almost constant phone and email contact' with Trump's son-in-law and advisor Jared Kushner. Their relationship was first detailed by Politico.

The leaked emails also revealed Otaiba's communications with Trump's close friend and former chair of his inaugural committee, Tom Barrack.

The reason for the hack on the Emirati diplomat, according to the legal papers, was to discredit Otaiba and intimidate and silence top American officials who criticized Qatar.

'Because he is among the most the politically connected foreign diplomats based in the U.S., the hacking and surveillance of the Ambassador also intercepted sensitive and private information of U.S. citizens, including high-ranking U.S. government officials,' the lawsuit claimed.

The documents added that the hack on Otaiba was 'an effort to improve Qatar's image with the United States by not only discrediting him, but also intimidating (and ultimately silencing) U.S. government officials and both critics and potential critics of Qatar.

One example of the chilling effect of the hack claimed in the lawsuit was the DC think tank the Foundation for the Defense of Democracies (FDD), which had previously been critical of Qatar.

The complaint claimed that FDD Executive Director Mark Dubowitz told Broidy that the think tank would 'no longer publicly criticize the wealthy emirate because they feared potential Qatari reprisal' after learning their emails were caught up in the Otaiba hack.

A spokesman for the think tank told FDD 'calls balls and strikes as we see them and has never backed down from challenging Qatar's malign activities, as shown by our many public analyses.'

The court documents claimed the hack on Otaiba was 'masterminded' by Chalker's employee, former CIA agent Denis Mandich, with help from Chalker, GRA's Chief Security Officer Antonio Garcia, and former GRA employee John Sabin who was previously identified by the New York Times as a 'former hacker for the National Security Agency.'

The documents claimed that Chalker began paying Mandich 'off-books' in 2016, at least six months before Mandich retired from the CIA in 2017.

The legal documents said that around August 2017 GRA 'reached an agreement on a broad cybersecurity and surveillance arrangement' with the Qatari government which 'called for GRA to work directly with Qatar's Special Forces and intelligence collection agencies, including on cybersecurity, surveillance, and countersurveillance.'

Spying on US citizens

The legal documents say Qatar paid GRA to target more than 1,000 people with illegal cyber attacks.

Alleged targets included American citizens such as political columnist and anti-Qatar activist Rabbi Shmuley Boteach, as well as senior government officials of Qatar's Gulf neighbors.

Other American citizens included James Lamond, a project manager at the Center for American Progress, a leading Democratic think tank; Kristin Wood, an advisor at  Culpeper National Security Solutions, a security consultancy and allegedly a former CIA staffer; Rick Sterling, an investigative journalist and apparent advocate for the Assad regime in Syria; and Dina Darweesh, a physician in Baltimore who has called for the U.S. not to support 'Arab autocrats.'

The lawsuit claimed GRA would 'spy on politically active American citizens seen by Qatar as potential threats to its interests.'

The data they collected, which included 'highly personal information on American citizens' obtained by hacking, would be compiled in reports and hand-delivered to a senior Qatari government official every two to three months, the legal filing said.

The court documents said that GRA's alleged illegal hacking campaigns were termed 'special projects', and were separately invoiced to offshore companies, including two of Chalker's Gibraltar-based firms, Bernoulli Limited and Toccum Limited.

In December 2017, after the hack on Otaiba but before Broidy's hack, the two companies held more than $40million in cash, according to the lawsuit.

The court documents said many of GRA's hackers worked from the company's office in Northern Virginia, headed by 'a former CIA official with information security expertise' and were referred to within the company as the 'Reston Group'.

Reston is the name of a town in Northern Virginia near to the CIA headquarters.

The group included 'a software engineer formerly with the military, a former member of the Army's special operations forces, and others with prior work experience in cyberwarfare,' according to the lawsuit.

Broidy's filing claimed that one of the Reston Group, GRA's Chief Security Officer Anthony Garcia, 'wiped and then physically destroyed the electronic evidence in Northern Virginia and New York related to the hacking,' after the former Republican fundraiser filed his first lawsuit over the hacks in 2018.

GRA's lawyer denied all Broidy's claims of wrongdoing.

Hacking the World Cup

Broidy's lawsuit claimed Qatar first hired Chalker after he retired from the CIA in 2008 to help run a huge propaganda and hacking campaign to beat America in the competition to host the 2022 FIFA World Cup soccer tournament – a prize worth billions of dollars to Qatar.

Ever since winning hosting rights for the tournament, Qatar's bid has been dogged by allegations of corruption, including in an April legal filing by the US Department of Justice which accused the Arab state of bribing FIFA officials to win.

After FIFA launched an investigation in 2012 into alleged bribery in Qatar's World Cup bid, GRA convinced the Arab state to 'fund an operation to use hacking and surveillance targeting FIFA executive committee members and related parties to gain 'predictive intelligence' and 'total information awareness',' the lawsuit said.

The purpose, according to Broidy's filing, was both to intercept discussions of investigators and to 'acquire blackmail- and extortion-type information that could be used to silence targeted individuals.'

The 2012 investigation was led by Michael Garcia, a former senior Department of Homeland Security official who is now a New York appeals court judge.

GRA's cyber-attack targeted 'numerous executives and investigators', including FIFA's then-Secretary General Jérôme Valcke, the legal documents claimed.

The lawsuit claimed GRA made a successful sales pitch to Qatar which referred to teams of 'white hat' operatives for legitimate work and 10 'black hat' operatives, which the lawsuit described as being used 'for the covert work, such as hacking and real-time electronic surveillance.'

GRA's pitch, according to the court filing, had a requested price tag which 'exceeded $500 million.' The lawsuit claims that the firm was paid a total of well over $100 million for all its work with Qatar.

Broidy's original suit against Qatar was thrown out due to the country's diplomatic immunity. The ex-GOP fundraiser refiled his case against Chalker and his company in a New York federal court last year.

Broidy's lawyers told Tuesday that their legal filing had 'detailed evidence' and accused GRA of 'continuing to hide behind legal maneuvers and dubious claims like 'derivative' sovereign immunity to stonewall and prevent the discovery process that would force them to produce evidence in this case.'

The legal counsel for Chalker, GRA and its affiliates, Orin Snyder, told Broidy's allegations are false.