Qatar and football World Cup: accusations of espionage, and an India connection

An investigation in Switzerland has accused Qatar's footbal World Cup campaign of deep irregularities, and there is even an alleged Indian connection. What's really going on?


The new Al Janoub footbal stadium in Qatar.


It was in 2010 that Qatar had won the bid to host the 2022 Fifa World Cup. However, this bid is mired with controversies of espionage and cyber attacks, according to the Swiss Media House, SRF. As the prestigious event comes closer to commencing, a very detailed investigative report compiled by the SRF Investigativ, the Investigative wing of the SRF brings out the story of the global secret operation in connection with this year’s FIFA World Cup. The operation was termed as the 'Project Merciless' and became the main tool for the Qatari state to keep an eye on the major officials of the football association.


This “secret operation” pertains to the claims that the Qatari government spied on the Fifa officials to stay ahead of any prospective attempt to take the bid away from Qatar. As it is claimed, Qatar spent about $387 million across nine years for funding the espionage through intermediaries. To trace the extent of the involvement, Qatar had employed around sixty six operatives over these nine years. This story primarily covers the role of the major intelligence agency hired by the Qatari state, The Global Risk Advisors (GRA). As the records show, this intelligence firm was established by a former CIA agent, Kevin Chalker. The main theatre of operations remained Switzerland as the targets were primarily spied on within the country.


Project Merciless and the GRA


In order to understand the operations in greater detail, it is important to delve into the role that the Global Risk Advisors (GRA) played in carrying out the operations. The firm was founded in 2008 to provide strategic advisory and intelligence services to its clients. It is further interesting to note that most of GRA’s clients have been high profile agencies, government offices, corporations and institutional investors and in this case, it was the Qatari state. The main aim of the firm is to provide four key services in the areas of Research, Intelligence, Knowledge and Security.


This agency played a proactive role in ensuring the security of Qatar’s bid towards hosting the 2022 World Cup by making sure that no new connections are forged that could threaten this development. This espionage mission was termed as the “strategic security plan” to protect the interests of Qatar. Therefore, in order to develop a predictive intelligence capability for the country, the GRA became responsible for collecting unsolicited information of important Football Association officials, the strategic standing committees as well as the Executive Council Members of FIFA.


The documents revealing the details of the Project Merciless clearly state the names of the then Fifa President Sepp Blatter and his associates to be targeted. The main aim of the Project was based on the assumption that there was an international conspiracy at play to take away the hosting bid from Qatar’s hands and this pumped up the project to spy on and even initiate cyber attacks on these officials. As it is clearly mentioned in the presentation of the GRA unearthed by the SRF Investigativ, Qatar needs to adopt an ‘aggressive yet subtle’ strategic approach. In this regard, outsourcing the activities to be conducted by the GRA would give an immunity to the Qatari state and hence avoid any retaliation.


Cyber Attacks on Targeted Officials


One of the most prominent incidents of cybersecurity breaches, the advisor to the then FIFA President Sepp Blatter, Peter Harigatay received a series of strange emails with cryptic attachments. Being vigilant of such suspicious activities, the official did not open the attached files which supposedly contained viruses that could have hacked his personal and official data. Now, Peter Harigatay was a very influential figure in the official FIFA circles and targeting him would be the first major step to penetrate into the official decision making body to have a ‘predictive understanding’ of the events.


It seems that Peter Harigatay was a gateway to get to the confidential information possessed by Sepp Blatter as well the chairman of the Australian Football Association, Frank Lowy. This was because Australia was also a major contender to the bid for hosting the 2022 Fifa World Cup and hence a direct competitor to Qatar. The project to extract sensitive and confidential information by launching cyber attacks on Harigatay, Blatter and Lowy was referred to as the 'Project Clockwork'.


The Project Clockwork launched in 2011 aimed to also launch “Character Denigration Campaigns” against high profile individuals, which may be the reason for the attacks on the personal security data of these individuals. Apart from Harigatay, Blatter and Lowy, the next important person mentioned in the official documents was Theo Zwanzinger, who was the President of the German Football Association at the time. The main aim was to penetrate into these impregnable organisations in order to gather confidential data. Another major reason for the operation Clockwork was to understand the planning and the future intentions of the officials in the International Football Association so as to gauge the impact it would have on the Qatari bid.


Later on in the investigation it is also revealed that Harigatay’s personal computer gets hacked eventually by an intermediary outsourced further by the Global Risk Advisors (GRA). This happened within a month of the approval of the Project Clockwork by the Qatari officials. The reason for this chain of outsourcing the work is primarily based on reducing the risk of being directly involved and also having these activities traced back to the main organisation, in this case the GRA and the State of Qatar.


Another major figure targeted in this connection was Sunil Gulati who has been the president of the US Soccer Federation and hence a potential competitor to the Qatari bid as well. He was targeted by cyber attacks and his personal computer was hacked to retrieve around eight hundred files, some official and some personal.


The Indian Connection


The other curious development in this whole saga is the involvement of an Information Technology Firm based in India called the Appin Security. It seems that the servers of the hackers, as revealed in subsequent investigation, traces back to this firm in India. Appin’s founder Rajat Khare has directly denied any involvement in the case pertaining to the Qatari involvement and maintains that the firm primarily provides “protection against hacker attacks”.


However, as the documents suggest, the company primarily employs a “hacking for hire” model which leads to hacking of different targets based on the clients involved. No detailed investigation was further conducted to trace Appin’s involvement any further, however, all the contacts of the hackers as revealed by the documents, bear the ‘fingerprints’ of the company.


Surveillance in Switzerland


Switzerland played a key role in this story and the majority of the surveillance activities were conducted within the country. As revealed by the SR Investigativ documents, the GRA chief Chalker also conducted secret surveillance on official meetings between FIFA officials and journalists. The documents clearly show the pictures taken during the operations.


In legal and official terms, this counts as espionage which is regarded as a criminal offence. The individuals in Switzerland were benign spied on by a third party intermediary on the order of another state. Chalker’s close connections with the Qatari government officials, even the Chief of Staff of the Qatari Emir’s brother, was the main basis to substantiate the links between the GRA and Qatar. According to the SRF reports, it was an individual named Hassan Al Thawadi to oversee the whole operation on the behalf of his country.


This may be the perfect espionage crime however, not much was accomplished by the investigations conducted by the Zurich police in this regard.


Inertia of the Swiss Authorities


It has been over ten years that this kind of an espionage operation has been up and running against the FIFA Officials. This basically reveals that amidst all the criticism received by the state of Qatar on winning the bid for hosting the FIFA World Cup, it was adamant on securing the state’s position and reputation internationally. For this purpose, the state was even ready to go through the route of committing espionage and cyber attacks on the individuals of particular interest.


However, the question remains, how did such suspicious activities go on for such a long time without any formal action? Even though the activities did come to the attention of the Swiss authorities and the Zurich police, not much was done as a part of tangible actions. Even the investigation into understanding the involvement of Appin Security was abandoned after a point. The Public Prosecution Department closed the investigation eventually and nothing substantial was borne out of the incidents of cyber attacks on such prominent officials.


The Swiss Public Prosecution Department, Global Risk Advisors’ Chief Kevin Chalker, as well as the authorities of the State of Qatar have not offered to give any official statements to the SRF Investigativ.


All $ = USD






124 views0 comments