Israeli spyware firm reportedly targeted Indonesia officials

More than a dozen officials targeted last year included senior government and military personnel, diplomats and advisers, says Reuters, citing nine people with knowledge of the matter.

NSO spokesperson denies the company's software was involved in the targeting of Indonesian officials.
Reuters Archive

NSO spokesperson denies the company's software was involved in the targeting of Indonesian officials.

More than a dozen senior Indonesian government and military officials were targeted last year with spy software designed by an Israeli surveillance firm, according to nine people with knowledge of the matter.

Six of the individuals told the Reuters news agency they were targeted themselves.

The targets included Chief Economic Minister Airlangga Hartarto, senior military personnel, two regional diplomats, and advisers in Indonesia's defence and foreign affairs ministries, according to the people.

Six of the Indonesian officials and advisers targeted told Reuters they received an email message from Apple Inc in November 2021 telling them that Apple believed officials were being "targeted by state-sponsored attackers."

Apple has not disclosed the identities or number of users targeted. 

Apple and security researchers have said the recipients of the warnings were targeted using ForcedEntry, an advanced piece of software that has been used by Israeli cyber surveillance vendor NSO Group to help foreign spy agencies remotely and invisibly take control of iPhones.

Another Israeli cyber firm, QuaDream, has developed a nearly identical hacking tool, Reuters has reported.

The attempt to target Indonesian officials, which has not previously been reported, is one of the biggest cases yet seen of the software being used against government, military and defence ministry personnel, according to cybersecurity experts.

READ MORE: Israeli police admit using spyware without warrant to target citizens

NSO denies accusations

The use of ForcedEntry, which exploits a flaw in iPhones through a new hacking technique that requires no user interactions, was made public by cybersecurity watchdog Citizen Lab in September 2021.

Google security researchers described it as the "most technically sophisticated" hacking attack they had ever seen, in a company blog post published in December.

Apple patched the vulnerability in September last year and in November started sending notification messages to what it called a "small number of users that it discovered may have been targeted."

In response to Reuters questions, an NSO spokesperson denied the company's software was involved in the targeting of Indonesian officials, dismissing it as "contractually and technologically impossible," without specifying why.

The company, which does not disclose the identity of its customers, says it sells its products only to "vetted and legitimate" government entities.

In addition to the six officials and advisers who told Reuters they were targeted, a director at a state-owned Indonesian firm that provides weapons to the Indonesian army got the same message from Apple, according to two people with knowledge of the matter. 

Within weeks of Apple's notification in November last year, the US government added NSO to the Department of Commerce's "entity list," which makes it harder for US companies to do business with it, after determining that the firm's phone-hacking technology had been used by foreign governments to "maliciously target" political dissidents around the world.

READ MORE: Apple sues Israel's NSO firm, calls it 'amoral 21st-century mercenaries'

Route 6