Google Researchers Call Phone Airlangga Hartarto Hacked By Israeli Spyware, This Was Responding To Spokespersons At The Coordinating Ministry
JAKARTA - A number of high-ranking Indonesian officials are said to be the targets of cyber attacks by companies from Israel. Software used to hack the devices of officials is also classified as very sophisticated.
Quoted from Reuters, the attack on a number of officials used spyware called ForcedEntry. Google's security set also describes it as the most technically advanced "technically" hacking technique they have ever seen.
The officials who were targeted included the Coordinating Minister for Economic Affairs, Airlangga Hartarto. Apart from Airlangga, there are senior military officials, two regional diplomats, and advisers in Indonesia's defense and foreign sectors.
Six of the officials and advisers said they received an email message from Apple in November 2021. The email informed them that Apple believed it had become a "target of a state sponsored attack".
Apple itself did not disclose information about the identity or number of targets. The company also refused to comment on this news.
Security researchers and Apple said the recipients of the warning were the target of ForcedEntry. It is a software used by Israeli cyber reconnaissance company NSO Group.
The company used to help foreign spy agents to remotely take over iPhone controls undetected. Another Israeli cyber company, QuaDream, has developed a similar software.
The use of ForcedEntry was revealed to the public by Citizen Lab's public security monitor in September 2021. Citizen Lab revealed that it found ForcedEntry while analyzing the cellphones of Saudi Arabian activists infected with the Pegasus spyware which was also made by NSO.
"When analyzing the phones of Saudi activists infected with the Pegasus spyware from the NSO Group, we found zero-click exploits of iMesage. The exploit, which we call ForcedEntry, targets Apple's library rendering image, and is highly effective against iOS, MacOS, and WatchOS devices," Citizen Lab wrote.
According to Citizen Lab, ForcedEntry has been in use since at least February 2021. Citizen Lab revealed vulnerabilities and codes to Apple, which has established a CVE-2021-30860 ForcedEntry vulnerability and described vulnerabilities as "processing maliciously created PDFs can lead to the execution of arbitrator codes."
On the other hand, NSO denied that it was involved in an attack on Indonesian officials. According to them, it is "very unlikely technologically and contractally" without describing the reason.
NSO also emphasized that it only sells its products to government entities that are "illegal and legal".
However, Citizen Lab said NSO Group may sell their technology to governments that use it recklessly and violate international law on Human Rights (HAM).
The US government has also included NSO in the list on the Department of Commerce. Ahlasil, a US company will find it very difficult to work with them.
The reason is, the US government sees NSO has been used by foreign governments to spy on politicians around the world.
Reuters itself has not received confirmation from the officials targeted by spyware attacks. The Ministry of Foreign Affairs also transferred a request for confirmation to the National Cyber and Crypto Agency (BSSN).
Spokesperson for the Coordinating Ministry for the Economy, Alia Karenina, gave a response regarding the news that Airlangga Hartarto's cellphone was hacked by an Israeli company. Alia said that basically Airlangga had several cellphones for different purposes, and the type of cellphone was not only an iPhone. In addition, Airlangga's official email account was also not installed on his personal cellphone.
This answered Reuters' report that Airlangga Hartarto was one of a number of high-ranking Indonesian officials targeted by cyber attacks by companies from Israel.
A total of six officials claimed to have received email messages from Apple Inc in November 2021, which informed that Apple believed it was a "target of a state sponsored attack".
"The official email account of the Coordinating Minister for the Economy (official email account) was not installed in the Coordinating Minister Airlangga's personal cellphone. Until now, there have been no notifications or spyware file shipments to the official email," said Alia in her official statement, Friday (30/9/2022).
"Coordinating Minister Airlangga used several cellphones that were used for different purposes, and not only the iPhone," he continued.
Apart from Airlangga, according to Reuters, high-ranking Indonesian officials who were also targeted by the hack were senior military officials, two regional diplomats, and advisers at the Ministry of Defense and the Ministry of Foreign Affairs.