Sept 30 (Reuters) - More than a dozen senior Indonesian
government and military officials were targeted last year with
spy software designed by an Israeli surveillance firm, according
to nine people with knowledge of the matter.
Six of the individuals told Reuters they were targeted
themselves.
The targets included Chief Economic Minister Airlangga
Hartarto, senior military personnel, two regional diplomats, and
advisers in Indonesia's defence and foreign affairs ministries,
according to the people.
Six of the Indonesian officials and advisers targeted told
Reuters they received an email message from Apple Inc
in November 2021 telling them that Apple believed officials were
being "targeted by state-sponsored attackers."
Apple has not disclosed the identities or number of users
targeted. The company declined to comment for this story.
Apple and security researchers have said the recipients of
the warnings were targeted using ForcedEntry, an advanced piece
of software that has been used by Israeli cyber surveillance
vendor NSO Group to help foreign spy agencies remotely and
invisibly take control of iPhones. Another Israeli cyber firm,
QuaDream, has developed a nearly identical hacking tool, Reuters
has reported.
Reuters was unable to determine who made or used the spyware
to target the Indonesian officials, whether the attempts were
successful, and, if so, what the hackers might have obtained.
The attempt to target Indonesian officials, which has not
previously been reported, is one of the biggest cases yet seen
of the software being used against government, military
and defence ministry personnel, according to cybersecurity
experts.
Spokespeople for the Indonesian government, the Indonesian
military, the Indonesian Defence Ministry and the Indonesian
Cyber and Crypto Agency (BSSN) did not respond to requests for
comments and emailed questions.
A spokesman for the Foreign Affairs Ministry said they
were unaware of the case and referred Reuters to BSSN.
Alia Karenina, a spokesperson for Airlangga's ministry, said
the minister, a top ally of Indonesia's President Joko Widodo,
did not receive any notification from Apple about the attempted
hack on his official email account.
She said the minister has not installed his official email
on his personal phone and uses multiple mobile devices. Alia
did not respond to questions on whether other emails used by
Airlangga received a warning from Apple.
The use of ForcedEntry, which exploits a flaw in iPhones
through a new hacking technique that requires no user
interactions, was made public by cybersecurity watchdog Citizen
Lab in September 2021. Google security researchers described it
as the "most technically sophisticated" hacking attack they had
ever seen, in a company blog post published in December.
Apple patched the vulnerability in September last year and
in November started sending notification messages to what it
called a "small number of users that it discovered may have been
targeted."
In response to Reuters questions, an NSO spokesperson denied
the company’s software was involved in the targeting of
Indonesian officials, dismissing it as "contractually and
technologically impossible," without specifying why. The
company, which does not disclose the identity of its customers,
says it sells its products only to "vetted and legitimate"
government entities.
QuaDream did not respond to requests for comment.
In addition to the six officials and advisers who told
Reuters they were targeted, a director at a state-owned
Indonesian firm that provides weapons to the Indonesian army got
the same message from Apple, according to two people with
knowledge of the matter. The people asked not to be identified
due to the sensitivity of the matter. The company director did
not respond to requests for comment.
Within weeks of Apple's notification in November last year,
the U.S. government added NSO to the Department of Commerce's
'entity list,' which makes it harder for U.S. companies to do
business with it, after determining that the firm's
phone-hacking technology had been used by foreign governments to
"maliciously target" political dissidents around the world.
