Commenting on reports that an account associated with the Saudi Crown Prince may have hacked Amazon founder Jeff Bezos's phone, Mark Skilton, Professor of Practice in the Information Systems Management ISM Group at Warwick Business School, said:

“As described, this is a typical example of a hidden “worm” attack planting malicious code by using the familiarity of emails - or in this case text messages - to compromise a victim.

“If reports are accurate, the fall out of this appears to have exfiltrated data from Jeff Bezos’ phone that could have been used for fraud, spying and many other consequences. It raises questions about the personal security of high profile people who, with some help from security experts, could have added additional protection to the phone to prevent 3rd party downloads of video files.

“The case also highlights wider issues of national spying, the exploitation of personal data of victims to damage reputations, and very serious issues of terrorism, acts of violence and the ability to protect free speech and protect citizens from harm and manipulation.

“While the reports suggest a Saudi attack we need to also ask if there are other adversaries involved in this who may have compromised the Saudi account. And where did the code come from? There are many questions.”

22 January 2020