The Saudi Interior Ministry said Friday that several government Web sites have come under attack in a campaign hackers are calling #OpSaudi.
Hackers who identify with the loose hacking collective Anonymous have aimed at several government Web sites, including the Saudi Ministry of Finance, General Intelligence Presidency, the Ministry of Foreign Affairs, and the Directorate General of Passports, as well as sites for several major Saudi provinces, including Makkah and Jeddah.
Most of the sites are facing distributed denial of service, or DDoS, attacks, in which hackers flood each site with traffic until they collapse under the load. But hackers claimed to have also broken into some sites through a so-called SQL injection, in which attackers exploit a software vulnerability and enter commands that cause a database to produce its contents. In one case, the Twitter account for @AnonySaudi claimed to delete the database of a Saudi Web server.
Hackers say their motive is twofold. On Twitter, some claim the #OpSaudi campaign is in retaliation for unconfirmed reports of a rape and murder in Saudi Arabia. Some Tweets include links to YouTube videos which show images of a naked body dumped on the side of a road. The attacks also followed an announcement by Matthew Rosenfield, the well-known security researcher who goes by the hacker handle Moxie Marlinspike, that Mobily, a major Saudi telecommunications company, approached him about assisting in a continuing Saudi surveillance project.
In a widely circulated blog post Monday, Mr. Marlinspike said he learned that on behalf of a Saudi “regulator,” Mobily is working to intercept mobile app data for communication tools including Twitter and free mobile messaging apps like Viber, Line and WhatsApp that send messages over the Web. He published his e-mail correspondence with an executive at Mobily, which showed the company is developing the ability to monitor mobile data communication and already has the ability to block it.
Mr. Marlinspike told Yasser D. Alruhaily, a Mobily security executive, that he declined the job for privacy reasons. Mr. Alruhaily replied, “I know that already and I have same thoughts like you freedom and respecting privacy, actually Saudi has a big terrorist problem and they are misusing these services for spreading terrorism and contacting and spreading their cause that’s why I took this and I seek your help,” he wrote. “If you are not interested than maybe you are on indirectly helping those who curb the freedom with their brutal activities.”
Mobily spokesman denied contacting Mr. Marlinspike. ”Mobily or its employees never communicated with the author of this blog,” the company told Reuters. “Mobily communicates with information security companies only based on legal and lawful requirements. We never communicate with hackers. Moreover, it is not our job to spy on customers.”
On Friday, the Mobily Web site was among the growing number of Saudi Web sites that #OpSaudi had taken offline.