Indonesia Has No Evidence China Hacked Intelligence Service After Warning by U.S. Company

Indonesian authorities said they uncovered no evidence that their intelligence service's computers were hacked after a private U.S. cybersecurity company warned of a suspected breach of its internal networks by a Chinese hacking group, the Associated Press reported.

The threat research division of Massachusetts-based Recorded Future, the Insikt Group, said the hack was discovered in April. It detected malware servers operated by the "Mustang Panda" hackers with hosts inside the Indonesian government networks.

"We assess that this activity is very likely linked to the Chinese state-sponsored threat activity group Mustang Panda based on our continued tracking of Chinese state-sponsored cyberespionage activity," the company said in an e-mail to AP.

Recorded Future said the group hacked the Badan Intelijen Negara intelligence agency and nine other agencies within the Indonesian government.

For more reporting from the Associated Press, see below.

Indonesia Hack
Indonesian authorities have found no evidence that the country's main intelligence service's computers were compromised after a U.S.-based private cybersecurity company alerted them of a suspected breach of its internal networks by a Chinese hacking group. Tatan Syuflana/AP Photo

Chinese government offices were closed Monday for the Mid-Autumn Festival and could not be reached, but authorities have consistently denied any form of state-sponsored hacking and said China itself is a major target of cyberattacks.

Recorded Future said its experts traced the hack back to as early as March, and the last observed date of the intrusion was August 20.

"We have not seen additional activity targeting BIN since that date," the company said.

After being notified by Recorded Future, BIN investigated the suspected breach together with other agencies and related stakeholders, but found "our server is safe and under control, there is no indication that it was hacked by suspected Chinese hackers," said Wawan Hari Purwanto, a deputy chief and spokesman for the agency.

BIN coordinates information sharing and operations for Indonesia's other intelligence agencies, as well as conducting its own operations. Because of its work, Purwanto said BIN's computers are an attractive target for hackers, and the agency conducts regular checks and maintenance on its systems as a precaution.

He said BIN cooperated with Indonesia's National Cyber and Encryption Agency, the Ministry of Communication and Information Technology and other government agencies to ensure "our network is safe and free from hacking."

The Cyber and Encryption Agency referred all questions to BIN.

Purwanto dismissed the Insikt Group's findings and urged people not to worry that the agency's data had been compromised.

"BIN calls on people to not believe the rumors of hacking of BIN and other government institutions, and to keep checking, rechecking and crosschecking information circulating on internet and social media," he said.