Spate of high-profile hacks
Initially, tensions flared after the state-run Qatar News Agency posted controversial statements May 23, allegedly made by the young Qatari emir, Sheikh Tamim Bin Hamad al-Thani. The comments affirmed the good relations between Qatar and a number of other countries and organizations, including Iran, the Muslim Brotherhood and Hamas.
Thani also allegedly noted the importance of Iran as a regional power — an apparent dig at attempts by Saudi King Salman bin Abdul Aziz and President Trump to isolate Iran during last month’s summit in Riyadh.
Qatari officials quickly denied that Thani made such comments and claimed their news agency — and its various social media accounts — had been hacked. Despite this, the Saudi and UAE press showed an almost unequivocal desire to dismiss the hacking story, instead accusing Qatar of supporting terrorism in the form of Hamas, the Muslim Brotherhood and Iran.
In what is unlikely to be a coincidence, an anonymous group of hackers describing themselves as “GlobalLeaks” then released a trove of emails belonging to the Emirati ambassador to the United States, Yousef al-Otaiba. The emails, which appear to be genuine, showed extensive communication between the UAE and the Foundation for the Defense of Democracies, a pro-Israel, Washington-based think tank. Much of the discussion is between Otaiba, and John Hannah, FDD’s senior counselor and a former U.S. deputy national security adviser.
The correspondence suggests a certain determination from the UAE to prevent Iran from allowing its recent nuclear deal with the West to improve its position in the region.
Tellingly, a proposed agenda for a meeting between UAE officials and the FDD included a discussion on UAE/U.S. policies that could help influence Iran’s internal situation. This would include various political, economic, military and “cyber tools.” What these cyber tools mean is not elaborated on, although the conversation reveals the opaque roles certain organizations play in manipulating regional politics.
The mobilization of Twitter bot armies
The hacks came after Qatar said they were recently targeted by an orchestrated smear campaign, accusing them of supporting terrorist groups. Qatar’s claims seem credible. Just four days before Qatar’s hacking claims, an Arabic hashtag translated as Qatar is the treasury of terrorism was trending. On the hashtag, social media accounts — many of them bots — echoed similar themes of criticizing Qatar for its relationship with Iran, the Muslim Brotherhood and Hamas.
After the alleged emails purporting that Thani made pro-Iranian comments were published, a resurgence of the bot armies appeared on Twitter, most of which criticized Qatar and the various entities highlighted in the communications between the FDD and Otaiba. My analysis shows the presence of propaganda bots on numerous hashtags. One of these Twitter trends was #AlJazeeraInsultsKingSalman, and my analysis shows 20 percent of the Twitter accounts were anti-Qatar-bots. Many of them were posting well-produced images condemning Qatar’s relations with Hamas, Iran and the Muslim Brotherhood.
Other images shared in the Twitter campaign singled out Qatar’s media channels as sources of misinformation. Almost all of the bot accounts tweeted support toward King Salman and Saudi’s new relationship with Trump. During the Riyadh summit, these same bots posted thousands of tweets welcoming Trump to Saudi Arabia.
What these bot armies represent is not an organic outpouring of genuine public anger at Qatar or Thani, but rather an orchestrated and organized campaign designed to raise the prominence of a particular idea. In the case of these bots, the intent appears to be legitimizing the discourse that Qatar is a supporter of terrorism by creating the misleading impression of a popular groundswell of opinion.
The fact that these bot armies existed before Qatar’s claims that they were hacked — and were in place quickly following the alleged hacks — indicate that an institution or organization with substantial resources has a vested interest in popularizing their criticism of Qatar. The purpose of this cyber propaganda may also be to shape the online discourse in favor of pressuring Qatar to abandon any thought of rapprochement with certain organizations or countries.
New frontiers in Gulf cyberwarfare
Who is behind these hacks is unclear, but given that much of the bot propaganda appears to be the sewing of animosity between the Arab states and Iran, there is danger to regional stability if left unchecked. Twitter — once seen as an important resource for disseminating news across the GCC — may become a wasteland in terms of finding useful information from non-verified sources, undermining its usefulness as a tool for generating legitimate discussions.
All the Gulf states have stringent freedom of expression laws that carefully control the Internet and the media — and monitor the behavior of their own citizens. Yet what’s interesting about the recent public display is that it highlights the use of cyber tools as forms of intra-GCC diplomatic warfare, tactics previously directed at countries like Iran, and not usually neighboring Gulf states.
With Trump’s recent visit to Riyadh designed in part to shore up Gulf support for fighting Islamist terrorism, Qatar’s perceived conciliatory approach to groups deemed by the Saudis to be terrorists is seen as weakening the alliance. Emboldened by Trump’s hostility to Iran, it is likely that the UAE and Saudi Arabia felt confident in using the summit as a foundation for tackling their issues with Qatar’s policies. However, as Qatar leaders have attempted to position themselves as mediators in disputes involving regional pariahs such as Iran and Hamas, forcing Qatar to toe an uncompromising line may be detrimental in terms of using diplomacy to improve overall regional stability.
Marc Owen Jones is a Gulf research fellow at the Institute of Arab and Islamic Studies at the University of Exeter, and a researcher at Bahrain Watch.