UAE cyber firm DarkMatter slowly steps out of the shadows

By JON GAMBRELL Features Associated Press

DarkMatter, a growing cybersecurity company in the United Arab Emirates that's recruited Western intelligence analysts, is stepping out of the shadows amid concerns by activists about its power and potential targets.

Continue Reading Below

The company's founder and CEO, Faisal al-Bannai, says DarkMatter takes part in no hacking, although he acknowledges the firm's close business ties to the Emirati government, as well as its hiring of former CIA and National Security Agency analysts.

Activists warn such expertise could be used to target human rights campaigners, some of whom already have been jailed in the UAE, a major U.S. ally in the Mideast.

Al-Bannai told The Associated Press his company carefully chooses its clients, while leaving the ethical decisions about privacy and surveillance in wielding its powerful technology to its governmental customers, which include the Dubai police.

"Ignoring that use, in my view, would be silly," he said. "I think tackling that issue and saying, 'What is the right balance,' is the right question and the one I think everyone is trying to figure out."

Surveillance is prolific across the UAE, a federation of seven sheikhdoms on the Arabian Peninsula. Flashing cameras capture license plates of vehicles pulling into gas stations. At Dubai's Mall of the Emirates, home to an indoor ski slope, shoppers can use a kiosk to find their cars via the mall's surveillance system.

Continue Reading Below

Authorities say surveillance keeps the UAE safe. Surveillance footage helped authorities quickly identify the woman who stabbed an American school teacher to death at an Abu Dhabi mall in 2014.

It also aided Dubai police in identifying members of what it described as an Israeli hit squad that killed an operative with the Palestinian militant Hamas group in 2010, an attack never acknowledged by Israel.

For al-Bannai, whose father is a retired major general with the Dubai police, cybersecurity seemed like a good bet after he found success with his mobile phone reselling firm Axiom Telecom. He formed DarkMatter in 2015 and today, he said the company has some 650 employees. Most work out of its headquarters in the disc-shaped Aldar building along a major highway connecting Dubai and Abu Dhabi. The firm also has research-and-development centers in China, Finland and Toronto, he said.

"The only country in the region that's strong in cybersecurity is Israel," al-Bannai told foreign journalists who visited DarkMatter on Tuesday. "Other than that, it's blank."

He described DarkMatter as entirely privately held, with a customer base that is 80 percent government agencies and 20 percent commercial. He declined to name specific clients, but many suspect they include the Signals Intelligence Agency, the Emirati version of the NSA. The agency is also registered as having offices in the Aldar building.

"Frankly, it's an alignment of the stars," al-Bannai said of DarkMatter's government contracts. "It is a pure commercial transaction with them."

Since its inception, rumors have swirled around DarkMatter.

Some hackers described receiving aggressive, repeated job offers by the firm. An Italian hacker wrote a blog post in 2016 alleging that DarkMatter tried to hire him through a third-party recruiter who described the company as setting up a vast domestic spying infrastructure, something denied by al-Bannai.

However, human rights activists and others have been targeted by hacks suspected to be directed, if not carried out, by the Emirati government.

Emirati activist Ahmed Mansoor became famous in August 2016 when he worked with security experts to reveal three previously undisclosed weaknesses in Apple's mobile operating system after he was allegedly targeted with a phishing text message he didn't open.

Mansoor and others believed the United Arab Emirates was behind the attack, as it involved so-called "zero day" exploits — flaws in programming that hackers can use to potentially install spyware or gain control of a system — that can be worth over a million dollars each. Mansoor was arrested by UAE authorities last March for his online posts. Authorities later said he was being held at Abu Dhabi's central prison and had "the freedom to hire a lawyer" and receive family visits.

Another hacking campaign targeting Mansoor and others, dubbed "Stealth Falcon," also appeared to be coordinated by the government, said Bill Marczak, a research fellow at Citizen Lab. DarkMatter's close work with the Emirati government, and the experience of its staff, raised flags about the company, Marczak said.

"When you're talking about human rights activists like Ahmed Mansoor ... there's nothing he can do and the government gets access to him and his contacts and then can take further actions against his contacts," he said. "It's one thing to use them against people you may think are committing terrorist acts or criminal acts, but using them against someone who is just kind of sitting around their living room tweeting, it seems kind of disproportionate."

Al-Bannai said DarkMatter had no depository of "zero day" exploits, nor did it take part in so-called "offensive hacking." He pointed to one of the company's signature products, a secure mobile phone called "Katim," or "silence" in Arabic, as showing the firm's interest in defensive technology.

He added that DarkMatter hired CIA, NSA and other ex-government employees for their experience.

"If you think an NSA guy is a spooky guy, the NSA guy is the one protecting you in the U.S.," al-Bannai said. "These are not the bad guys."

He did, however, acknowledge that questions remain about how much information authorities should have and be able to use.

Pegasus, a DarkMatter subsidiary, now has a "big data" contract with Dubai police. An example offered by al-Bannai suggested police could be able to pool hours of surveillance video to track anyone in the emirate.

"My team knows what they're building," he said. "If they thought they were building funny stuff, they wouldn't be here."

___

Follow Jon Gambrell on Twitter at www.twitter.com/jongambrellap. His work can be found at http://apne.ws/2galNpz.