About the Bezos Mobile Matter: Who Can Speculate? Everyone
January 22, 2020
I received a couple of communications about the mobile phone allegedly operated by Jeff Bezos, a tireless worker and high profile wealthy genius. A British newspaper suggested that Mr. Bezos’s mobile was compromised. Then the ever reliable Internet began passing along the story. A few moments ago (it is now 0704 am US Eastern on January 22, 2020) I spotted “Saudi Dismisses Reports It Is Behind Hacking of Amazon Boss Bezos’ Phone.”
The write up states:
“Recent media reports that suggest the Kingdom is behind a hacking of Mr Jeff Bezos’ phone are absurd. We call for an investigation on these claims so that we can have all the facts out,” Saudi’s US embassy said in a message posted on Twitter.
First, how many countries’ intelligence agencies have access to specialized software tuned to compromise a mobile device? The correct answer is, “No one is supposed to know.” DarkCyber estimates that specialized tools are available to many countries. Some using software from Europe; others using software from the East; and others relying on basement methods. Zerodium pays for mobile exploits for a reason. Companies like NSO Group want to maintain a low profile for a reason. IBM does not talk about the CyberTap technology it acquired years ago. The list could be expanded, but you will have to attend one of my law enforcement and intelligence lectures to get more information.
Second, how easy is it to spoof one mobile for another? Not as easy as performing other interesting acts. However, there are companies providing a range of hardware and software tools to make this type of spoofing possible. If you want the names of these outfits, that information will not appear in a free blog post. But these outfits are doing business and providing certain unique services. The customers are usually governments, but friends of friends are a reality. Where can these spoofs take place? Think in terms of a coffee shop or a communications control facility.
Third, who did it? The list of possible actors is long. With Amazon’s increasing success in Bahrain, Saudi Arabia, and United Arab Emirates, there are a number of possibles. Would one of these countries attempt to access Mr. Bezos’ mobile? DarkCyber suggests having some facts before disseminating allegations. Certain types of chatter can have interesting downstream consequences; for example, Mr. Snowden’s ability to enjoy the weather in the south of France and Mr. Greenwald’s interactions with the current Brazilian authorities.
Several observations:
- The message is that mobiles are targets
- A high profile individual can be made the center of an international media magnet
- Work is needed to work backwards to determine if a compromise took place, who did it, and why?
In the meantime, there are security gaps everywhere. S3 buckets expose information. Complex systems generate vulnerabilities. Assumptions about cyber access are often wrong.
Where was Amazon’s chief technology officer? At Mr. Bezos’ side? Probably not. That individual was grilling a Facebook executive about access to personal data in Germany.
Perhaps someone is sending a message to Amazon? Who is paying attention? Probably journalists, high profile mobile phone users, and individuals with leverageable information.
Stephen E Arnold, January 22, 2020