Hack-and-leak operations: intrusion and influence in the Gulf

Abstract

ABSTRACTEvents such as the leaking of hacked emails from the US Democratic National Committee before the 2016 presidential election sit between two paradigms of cybersecurity. The first paradigm focuses on intrusion (unauthorised access to networks), while the second concentrates on influence (the use of digital technologies to shift public debate). Analyses generally tackle one of these two aspects: cybersecurity specialists focus on intrusion, setting aside the complexities of the digital public sphere, while media scholars do the opposite, closely analysing flows of leaked information without considering how it was obtained. This article instead argues for conceptualising hack-and-leak operations (HLOs) as a distinct category, through a close analysis of a crucial HLO that has been overlooked by the cybersecurity literature: the release of documents from the Saudi Ministry of Foreign Affairs by the ‘Yemen Cyber Army’. It proposes a tripartite framework for understanding the impact of HLOs as mechanisms of delegitimization, based on their technical characteristics, social and political context and target audiences. The article suggests that the Yemen Cyber Army incident could have been an experiment for the same Russian actors who carried out the DNC operation, allowing them to hone their tactics prior to the US elections.