Trial of accused Saudi spy at Twitter delayed until next year


A federal court has delayed the trial of a former Twitter employee who is accused of using the social media platform to spy for the Saudi government on its critics.

Now delayed until next summer, the trial of Ahmad Abouammo has been anticipated as a peek behind the curtain on the efforts of a foreign government allegedly seeking to use an American tech company to identify its political opponents. 

The Abouammo case, originally scheduled to go to trial this year in San Francisco, promises to reveal details about how the kingdom of Saudi Arabia allegedly cultivated insiders and infiltrated Twitter at its California headquarters. 

The U.S. government has accused Mr. Abouammo and another Twitter employee of accessing nonpublic information on people of interest to Saudi Arabia and providing it to the Saudi regime. 

In exchange for about $320,000 in gifts and payments, Mr. Abouammo abused his position as Twitter’s media partnerships manager for the Middle East and North Africa from 2013 to 2015 to hand over private information on Twitter users to the Saudi regime, federal prosecutors said. The private information includes details about relationships, device identifiers, phone numbers, and other things, they said.

The regime also sought special assistance from Mr. Abouammo in getting a Saudi royal family member’s Twitter account “verified” with the company’s signature checkmark of approval. 

According to a 2020 indictment, Mr. Abouammo direct messaged his Saudi minder through Twitter saying, “proactive and reactively we will delete evil my brother.”

The Justice Department first charged Mr. Abouammo in 2019 with failing to register as a foreign agent and obstruction of justice. Then it issued a new indictment in 2020 accusing him of more crimes, including wire fraud and money laundering. 

Mr. Abouammo’s federal public defender and U.S. prosecutors have argued over when the trial should begin.

Mr. Aboumammo’s representatives cited paperwork headaches — reviewing hundreds of thousands of pages of documents — among their reasons to have the trial delayed until March 2022. 

Prosecutors sought to have the trial begin before the end of 2021 and said Mr. Abouammo’s team was hiding a foreign mystery witness from the government.

Assistant U.S. Attorney Colin Christopher Sampson last week told U.S. District Judge Edward M. Chen that Mr. Abouammo’s team indicated the witness was outside the U.S. and beyond the jurisdiction of a government subpoena.

“Your honor, should the U.S. justice system grind to a halt because of the scheduling conflict of one undisclosed defense witness?” Mr. Sampson said during a court hearing over Zoom last week. 

The new trial date is June 2022. Neither Mr. Sampso nor Mr. Abouammo’s public defender responded to requests for comment to explain the change. 

Twitter declined to comment, including about whether it changed its hiring and internal security practices. 

Fast-growing companies with high-value intellectual property from Twitter to Tesla are facing insider threats that jeopardize the security of a business’s information and the data it holds on its users. 

Legal disputes involving foreign insider threats or social engineering hacks, in which a company’s employee is manipulated by someone externally, do not always get resolved at trial. 

Egor Igorevich Kriuchkov, a Russian man, pleaded guilty earlier this year to a conspiracy to pay a Tesla employee to install malicious software as part of a ransomware plot, according to reports.

Kriuchkov, 27, apologized for his actions and was set to be deported, according to The Associated Press.   

The government did not name Tesla in its accusations, but Tesla CEO Elon Musk acknowledged the news of Kriuchov’s guilty plea on Twitter in a Russian-language message translated in English as, “crime and punishment.”

Kriuchov’s effort to hit Tesla with ransomware was not the action of a Russian cybercriminal working alone, according to Christopher Burgess, who worked as an officer at CIA for several decades. 

The Russian’s actions detailed in the U.S. government’s complaint indicated that Kriuchov was participating in “an effort led by a well-financed and logistically nimble organization,” Mr. Burgess wrote for in August.

“Based on the manner of the approach, it is clear that the Russians had conducted operational surveillance of the organization in question, the network, and had a means to identify employees,” wrote Mr. Burgess. “The fact that they targeted a non-U.S. citizen employee and one who spoke Russian, implies their research and surveillance has a nexus in Russia.”

Kriuchov offered the Tesla employee $500,000 in 2020 to install the malicious software, according to the FBI’s complaint. The employee instead provided the FBI with information, and Kriuchov was arrested in Los Angeles. 

Relying on employees to report approaches by Saudis, Russians and others can prove calamitous for information security professionals tasked with blocking hackers from manipulating employees to do their bidding. 

For National Insider Threat Awareness Month in September, the Biden administration launched a website intended to help government workers and private businesses recognize behaviors of concern and reduce risks.

Sign up for Daily Newsletters

View original post