Indonesia says no evidence of alleged Chinese intel hack

A man visits a hacker community website at a house in Jakarta, Indonesia, Monday, Sept. 20, 2021. Indonesian authorities have found no evidence that the country's main intelligence service's computers were compromised, after a U.S.-based private cybersecurity company alerted them of a suspected breach of its internal networks by a Chinese hacking group, an official said. (AP Photo/Tatan Syuflana) (Tatan Syuflana, Copyright 2021 The Associated Press. All rights reserved.)

JAKARTA – Indonesian authorities have found no evidence that the country's main intelligence service's computers were compromised, after a U.S.-based private cybersecurity company alerted them of a suspected breach of its internal networks by a Chinese hacking group, an official said.

The Insikt Group, the threat research division of Massachusetts-based Recorded Future, said it discovered the hack in April when it detected malware servers operated by the “Mustang Panda” group communicating with hosts inside Indonesian government networks.

Recommended Videos



The activity targeted the Badan Intelijen Negara, or BIN, intelligence agency as well as nine other Indonesian government agencies, Recorded Future said.

“We assess that this activity is very likely linked to the Chinese state-sponsored threat activity group Mustang Panda based on our continued tracking of Chinese state-sponsored cyberespionage activity,” the company said in an e-mail to The Associated Press.

Chinese government offices were closed Monday for the Mid-Autumn Festival and could not be reached, but authorities have consistently denied any form of state-sponsored hacking and said China itself is a major target of cyberattacks.

Recorded Future said its experts traced the hack back to as early as March, and the last observed date of the intrusion was Aug. 20.

“We have not seen additional activity targeting BIN since that date,” the company said.

After being notified by Recorded Future, BIN investigated the suspected breach together with other agencies and related stakeholders, but found “our server is safe and under control, there is no indication that it was hacked by suspected Chinese hackers,” said Wawan Hari Purwanto, a deputy chief and spokesman for the agency.

BIN coordinates information sharing and operations for Indonesia's other intelligence agencies, as well as conducting its own operations. Because of its work, Purwanto said BIN's computers are an attractive target for hackers, and the agency conducts regular checks and maintenance on its systems as a precaution.

He said BIN cooperated with Indonesia’s National Cyber and Encryption Agency, the Ministry of Communication and Information Technology and other government agencies to ensure “our network is safe and free from hacking.”

The Cyber and Encryption Agency referred all questions to BIN.

Purwanto dismissed the Insikt Group's findings and urged people not to worry that the agency's data had been compromised.

“BIN calls on people to not believe the rumors of hacking of BIN and other government institutions, and to keep checking, rechecking and crosschecking information circulating on internet and social media,” he said.

___

Rising reported from Bangkok.