The New York Times Wrote About Computer Hackers Charged by the US and Israel. Differently.

On March 24, 2016 the New York Times wrote an article about Israel’s arrest of a computer hacker breaking into sensitive military computers. The next day, the paper wrote about the United States charging several Iranian computer hackers attacking the United States. Similar stories should get similar coverage, right?  Not when one party is Israel.

A comparison of the two stories can provide a primer for how the NY Times continues to portray Israel in a negative light:

  1. Use of Headlines.
  2. Using soft or harsh language.
  3. Quoting insiders and outsiders.
  4. Statement of fact versus charges.
  5. Providing background on fear of attacks.
  6. Pictures of targets (or none).
  7. Use of multiple reporters covering different sides of the story

Use of Headlines

The Times article on Iranian hackers attacking the US was titled U.S. Indicts 7 Iranians in Cyberattacks on Banks and a Dam.”  The article clearly laid out that Iranians committed cyberattacks. No question.

The article about the Israeli arrest had a different approach to the headline: “Family Sees TV Talent Scout Where Israeli Authorities See Jihadist Spy.” In this case, there is a difference of opinion about the facts. Israelis perceive evil, while others see a normal working person.

The Israeli situation is not cut-and-dry. The US is cracking down on attacks, while the Israelis are arresting people who may simply work for a fun media company.

New York Times article with headline questioning Israeli arrest

Soft versus Harsh Language

The article about the hacker against Israel describe a “young man” on an “innocent” mission. The age and supposed profession of the hacker was given.

The US story mentioned only the attackers’ names with no ages. The only color given for the individuals were their “online handles” including “Nitr0jen26,” “PLuS,”and “Turk Server,” making them all appear guilty.

Selection of Quotes

An often used strategy of twisting the narrative of a story is carefully selecting the parties who provide personal color to the events.

For Israel, the only quotes about the arrest came from Palestinians: a spokesman for the terrorist group Islamic Jihad, and the accused’s brother (I’m not making it up- his brother). The quotes include many denials, and accusations against Israel.

In the article about the US arrest, no Iranians were interviewed (nor any of the accused family members- imagine that). Quotes came from the indictment itself, Senator Chuck Schumer, and the head of the national security department of the Justice Department.

Guess which way the quotes tilted in each case?

Statement of Facts versus Charges

This subtle and directed approach is often used by the New York Times.

The article’s description of the Israeli arrest is couched in cautionary, inconclusive language: “according to Israeli authorities” or “”according to the charge sheet” and “the Shin Bet says,” are followed by statements.  The NY Times aim is to clarify that the charges against the hackers are not necessarily true.  Maybe cyberattacks happened, maybe they didn’t.  Maybe this is the person responsible, maybe he isn’t.  The paper is just reporting what they culled from Israeli authorities.

Compare that use of cautionary language to the article about the attacks against US targets.  Those attacks were all described as factual; there is no language that suggests that hacking attacks did not happen, the question is why the attacks happened.

For example, in the attack on the dam the Times wrote “It appeared to be an effort to take over the dam itself,” meaning, the attack is a fact, but it is unclear if the attackers wanted to fully control the entirety of the dam.  There was no caveat of “according to US investigators.”


The US story included information about the recent US-Iranian negotiations around the Iranian nuclear power program. It stated that “the indictment appeared to be part of an American effort to keep Iran from shifting activity from its nuclear program to its growing corps of cyberwarriors.”

However, the article on Israel mentioned nothing about the current attacks by Palestinian Arabs against Israelis, nor the missile attacks and wars launched from Gaza over the past eight years.

In other words, America was rational in trying to protect itself against Iran. Meanwhile, Israel’s arrest was seemingly made in a vacuum to “create frustration among Gazans,” as a quote said.

Use of Pictures

The story about Iranians attacking American targets included a picture of US Attorney General Loretta Lynch, and one of the targets of the cyberattacks- a dam in suburb of New York City. The picture added to the significance of the story and fear of the attack.

The Israeli story featured no pictures. Hacking into the country’s airports and drones was not prominently featured with accompanying photos. There were no captions that highlighted Israeli’s fears.

New York Times Photo accompanying article:
Caption: “Cyberattackers attempted to gain control of the Bowman Dam in Rye, a suburb of New York, in 2013. The effort failed, but worried American investigators because it was aimed at seizing a piece of infrastructure.
Credit Christopher Capozziello for The New York Times”

Use of Reporters

The long article by David Sanger about the US arrests did not rely on any other reporters. However, the Israeli article which was half the length of the US story, used two reporters: “Isabel Kershner reported from Jerusalem, and Majd Al Waheidi from Gaza.

Such wonderful balance!


Newspapers can write up a story in any manner they see fit. It is not surprising that an American paper would side strongly in its reporting with the United States and against its foes. One would imagine that papers treat American allies in much the same manner.

Not the New York Times for Israel.

As seen above and analyzed often in FirstOneThrough, the New York Times skews its reporting against Israel and in favor of Palestinians.

New York Times on US indictment of Iranian hackers

The articles from the New York Times:

Article on Israeli arrest of cyberhackers:

“JERUSALEM — The young man was on his way out of Gaza on an innocent-seeming mission: to scout potential contestants for his embryonicPalestinians Got Talent” television show and meet the show’s West Bank staff in Ramallah. He had an Israeli permit for the journey.

But the Israeli authorities say the would-be impresario — Majd Oweida, 22 — had been doing something sinister: spying for Iranian-backed extremists.

They arrested Mr. Oweida at the Erez checkpoint last month, and on Wednesday they charged him in an Israeli court with, among other things, hacking into computers at Israel’s international airport and intercepting transmissions from the country’s military drones.

The charge sheet says he was recruited by the Palestinian Islamic Jihad group about five years ago. He soon became the group’s cyber expert, the Israeli authorities said, and developed software that allowed Islamic Jihad to monitor road traffic and the movement of security forces in Israel; to view video images from Israeli air force drones in real time as they flew over Gaza; and to track flights in and out of Ben Gurion Airport near Tel Aviv and see lists of the passengers on board.

According to Israel’s Shin Bet security agency, Mr. Oweida has confessed to developing the hacking programs and showing his Islamic Jihad handler how to use them.

Dawood Shehab, a spokesman for Islamic Jihad in Gaza, said the group knew nothing about Mr. Oweida or anybody else mentioned in the case.

“I believe there is exaggeration about his arrest,” Mr. Shehab said on Wednesday in a telephone interview. “All I can say is that Israel always uses cheap techniques and ways to use our young men and pressure them and create frustration among Gazans.”

Shin Bet, he added, “wants to prove to their people that they can do something, and the victim is usually our young people.”

Mr. Oweida’s brother, Amjad Oweida, 23, the executive director of “Palestinians Got Talent,” said his family was shocked by the charges and denied that Majd, the show’s general supervisor, had ties to Islamic Jihad or any other Palestinian faction.

“He is just a talented young man who can use and work on computers in a brilliant way,” Amjad Oweida said of his younger brother. “He cannot hack or do cyberattacks.” He added: “Majd did not work for Islamic Jihad or any other political party. He used to work for Palestine’s Talent Club to help talented people leave Gaza for TV programs outside.”

According to the charge sheet, Mr. Oweida met his Islamic Jihad handler, Ismail Dahdouh, by chance sometime in 2011 at Mr. Oweida’s father’s electrical appliance store, and told Mr. Dahdouh that he was looking for work. The charge sheet said Islamic Jihad started Mr. Oweida off as a sound engineer and host at a radio station affiliated with the group’s student union, and was soon asking him to develop hacking programs as well.

The first cybertarget, the charge sheet said, was a computer system that keeps track of movement on Israel’s roads; hacking that system allowed Islamic Jihad to spot where in Israel the rockets fired from Gaza had landed. About a year later it was the drones.

The authorities said Mr. Oweida told Mr. Dahdouh that he needed a frequency reader, a satellite dish with an Amos Satellite lens and a laptop computer for the project. Mr. Dahdouh obtained the equipment from the United States and smuggled it into Gaza through tunnels from Egypt, according to the court documents. Israel said that the frequency reader stopped being able to penetrate the drone systems’ transmissions sometime in 2014.

The authorities say Mr. Oweida is suspected of having broken into the airport system in part by stealing the identity of an American man who had access to the data. Mr. Oweida is also accused of hacking into the Hamas-run Interior Ministry in Gaza to obtain the Palestinian population registry for Islamic Jihad’s use.

Hamas, the Islamic militant group that controls Gaza, said on Wednesday that it had no information about the case.

Mr. Oweida was traveling with a group of other young Gazans working for the talent show when he arrived at the Erez checkpoint on Feb. 23. Two Israeli soldiers arrived and took him into custody.”


Article on US arrest of cyberhackers:

WASHINGTON — The Justice Department on Thursday unsealed an indictment against seven computer specialists who regularly worked for Iran’s Islamic Revolutionary Guards Corps, charging that they carried out cyberattacks on dozens of American banks and tried to take over the controls of a small dam in a suburb of New York.

The indictment, while long expected, represents the first time the Obama administration had sought action against Iranians for a wave of computer attacks on the United States that began in 2011 and proceeded for more than a year, paralyzing some banks and freezing customers out of online banking.

The indictment stops short of charging that the attacks were directed by the Revolutionary Guards, a branch of the Iranian military. But it referred to the seven Iranians as “experienced computer hackers” who “performed work on behalf of the Iranian government, including the Islamic Revolutionary Guards Corps.”

Nothing in the indictment addresses the motives for the attacks. But intelligence experts have long speculated that the cyberactions directed at roughly four dozen financial institutions — including JPMorgan Chase, Bank of America, Capital One and PNC Bank — were intended to be retaliation for an American-led cyberattack on Iran’s main nuclear enrichment plant. That attack, which employed the so-called Stuxnet virus, was revealed in 2010.

All of the Iranian attacks — which, the indictment said, included actions against the New York Stock Exchange and AT&T — were “distributed denial of service” attacks, often called DDoS attacks. In those assaults, the target’s computers are overwhelmed by coordinated computer requests from thousands of machines around the world. The targeted networks often crash, putting them out of service for some period.


Attorney General Loretta E. Lynch announced an indictment against seven Iranians who are believed to have attempted to hack into several American banks and a dam in New York.

But the case of the Bowman Dam in Rye, N.Y., was entirely different: It appeared to be an effort to take over the dam itself. The attempt failed because the dam was under repair and offline, but in some ways it worried American investigators more because it was aimed at seizing control of a piece of infrastructure.

“The most likely conclusion is that it was a warning shot” from the Iranians, who were saying, “‘Don’t pick on us, because we can pick on you,’” said Senator Chuck Schumer, Democrat of New York.

But Mr. Schumer said that the lesson from this case was “not that we should not employ cyberweapons, but that we should be able to protect ourselves.”

It is doubtful that any of the named Iranians will ever appear in an American courtroom. In that respect, the indictment is similar to one the Justice Department issued two years ago against members of Unit 61398 of the People’s Liberation Army of China, which it accused of stealing data from American corporations. The Chinese have never been arrested.

But the administration argues that such indictments send a strong signal and make it difficult for those who are indicted to travel, for fear of extradition.

On Tuesday, the Justice Department indicted two other hackers who it said were members of the Syrian Electronic Army, which has supported the government of Bashar al-Assad, and it believes that it has a chance to gain custody of one of them. On Wednesday, the department obtained a guilty plea from a Chinese national living in Canada, Su Bin, whom it accused of mounting a cybercampaign to steal the designs of military aircraft from Boeing, on behalf of Chinese intelligence agents.

The Iran indictment comes eight months after the nuclear deal reached between Tehran and six other nations, including the United States, which appeared to be putting Tehran and Washington on a track toward a more productive relationship after 35 years of enmity. But Iranian missile launches in recent months — also organized by the Guards — have led to calls in Congress for new sanctions.

The indictment appeared to be part of an American effort to keep Iran from shifting activity from its nuclear program to its growing corps of cyberwarriors, some of whom work directly for the government, while others, like those named in the indictment, seem to be contractors.

As a measure of the importance the administration placed on the indictment, it was announced by Attorney General Loretta E. Lynch, in a news conference in Washington with Preet Bharara, the United States attorney for the Southern District of New York, where the indictment was handed up. It was unclear how long it had been under seal.

The Iranians named in the indictment included Ahmad Fathi, Hamid Firoozi, Amin Shokohi and Sadegh Ahmadzadegan, who went by the online handle of “Nitr0jen26.” Also named were Omid Ghaffarinia, known as “PLuS,” Sina Keissar and Nader Saedi, also known as “Turk Server.” Their whereabouts was not described, but some worked for a firm the indictment called the ITSec Team, and some for the Mersad Company, both described as security companies in Iran.

John P. Carlin, who heads the national security division of the Justice Department, said in an interview that the indictments arose from a new approach within the Obama administration. “Prior to 2012, we dealt with these cases as intelligence matters,” which were hard to bring to court, Mr. Carlin said, because the evidence was classified. “Now we are following traditional investigative rules,” he said, assembling data that can be entered into court records.

Iran’s computer networks have been a primary target of the National Security Agency for years, and it is likely that in penetrating those networks — for intelligence purposes or potential sabotage — the N.S.A. could have traced the attacks to specific computers, IP addresses or individuals.

But naming individuals, some experts suggested, could lead to retaliation. Jason Healey, a cyberconflict expert at Columbia University and the Atlantic Council, asked in a Twitter post on Thursday whether naming individuals, rather than governments, put cyberoperators for the National Security Agency and the Central Intelligence Agency “at risk for similar indictments.”

Related First.One.Through articles:

New York Times Lies about the Gentleness of Zionism

Every Picture Tells a Story: Arab Injuries over Jewish Deaths

The New York Times Refuses to Label Hamas a Terrorist Group

Framing the Israeli-Palestinian Arab Conflict: WSJ and NY Times

Every Picture Tells a Story: Versions of Reality

Subscribe YouTube channel: FirstOneThrough

Join Facebook group: FirstOne Through  Israel Analysis

7 thoughts on “The New York Times Wrote About Computer Hackers Charged by the US and Israel. Differently.

  1. Pingback: If Palestinians are Scared, it Must be Real | FirstOneThrough

  2. Pingback: Eyes Wide Shut | FirstOneThrough

  3. Pingback: Social Media’s “Fake News” and Mainstream Media’s Half-Truths | FirstOneThrough

  4. Pingback: Why Does the New York Times Delete Stories of Attacks on Jews? | FirstOneThrough

  5. Pingback: The New York Times Knows It’s Israeli Right from It’s Palestinian Moderates | FirstOneThrough

  6. Pingback: A Review of the The New York Times Anti-Israel Bias | FirstOneThrough

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s