Half a dozen officials who testified to Reuters said they had received emails at the end of last year from Apple Inc indicating that their iPhones were very likely being targeted.

The ForcedEntry software, which analysts say may have been used in the hacking attempts, would have allowed hackers to remotely and discreetly spy on the targets and take control of their mobile devices.

The advanced software has been used by Israeli cyber surveillance vendor NSO Group to help foreign spy agencies remotely and invisibly take control of iPhones. Another Israeli cyber firm, QuaDream, has developed a nearly identical hacking tool, Reuters reported.

Reuters was unable to determine who made or used the spyware to target the Indonesian officials, whether the attempts were successful or, if they were, what the hackers might have obtained.

The sources added that targets included several senior advisors from the Foreign Ministry and the Defense Ministry, as well as Coordinating Economic Affairs Minister Airlangga Hartanto and senior Indonesian Military (TNI) personnel.

A spokesperson for coordinating ministry, Alia Karenina, told The Jakarta Post on Friday that Airlangga had “not received any notification or emails” regarding the spyware and noted that he operated multiple devices that were not linked to the ministry’s email account.

Satriyo Wibowo, a cybersecurity expert from the Indonesia Cyber Security Forum (ICSF), told the Post that ForcedEntry was among the most sophisticated hacking tools in existence.

“Even the highest level of cybersecurity would have bugs that are vulnerable to the hacking activities [of ForcedEntry],” he said on Friday.

“But this tool is exorbitantly expensive and offered by contract. [...] According to my understanding, ForcedEntry sells various packages. Its customers can send over the numbers they wish to be hacked, and then hackers [from ForcedEntry] will carry out the activities.”

On top of the six officials, an unnamed director of a State-Owned Enterprise (SOE) dealing in providing weapons to the Indonesian Military (TNI) also received similar alerts from Apple, the report said. 

On the same day, Edi Prio Pambuni, Airlangga’s deputy minister, told the Post that he was not aware of the report. A representative of the TNI denied that any of its members had been hacked. One official from the Foreign Ministry said he was unaware of the attack, while another was unable to provide an official response. 

The National Cyber and Encryption Agency (BSSN) did not respond to the Post’s requests for comment.

Reuters said an NSO spokesperson denied that the company’s software had been involved in the targeting of the officials. QuaDream did not respond to requests for comment.

Not the first time

If the recent reports are confirmed, it would be the biggest espionage scandal in the country in over a decade.

In 2010, United States whistleblower Edward Snowden told certain news outlets that Australian spies had hacked devices belonging to former president Susilo Bambang Yudhoyono, which set off a huge diplomatic spat and soured Indonesia’s relations with Australia under former prime minister Kevin Rudd’s administration.

The then-president’s wife, a defense minister and the communications and information minister were also hacked by the Australian Defense Signals Directorate.

NSO itself came under scrutiny last year after its “Pegasus” spyware was allegedly linked to the mass surveillance of journalists and rights defenders worldwide. NSO denied the media reports.

Indonesia’s cybersecurity landscape has already been under close scrutiny after multiple hacking cases, personal data leaks and high-profile cyberbullying attempts occurred both domestically and internationally.

In late August, a hacker using the pseudonym Bjorka broke into multiple government systems and put the data therein up for sale online. In one instance, he made 679,180 documents, including confidential letters between President Joko “Jokowi” Widodo and the State Intelligence Agency (BIN), available for purchase on a hacking forum. The government denied that any sensitive information was compromised.

More recently, 24 journalists and several other employees – including human resources and corporate finance staffers – from media company Narasi claimed to have been hacked by unknown actors. The Alliance of Independent Journalists (AJI) said this was the biggest assault on press freedom in at least the last four years.

Hackers have also previously told the Post in interviews that Indonesian websites had “many vulnerabilities”, including government pages.

— Deni Ghifari and Fadhil Haidar Sulaeman contributed to this report.