Cybersecurity Group Suspects Chinese Hackers Compromised Indonesian Govt

TEMPO.CO, Jakarta - Claims have emerged involving Chinese hackers breaching internal networks of Indonesian government ministries and agencies, one of which include the state Intelligence Agency (BIN), raising cybersecurity concerns. 

The report came from privately held cybersecurity firm Recorded Future through its media subsidiary The Record, which stated that the intrusion initially was discovered by its research division against threats, Insikt Group.

They linked the security threat to Mustang Panda, a Chinese threat actor known for its cyber-espionage campaigns targeting the Southeast Asian region. Insikt first discovered this in April 2021 when they “detected PlugX malware command and control (C&C) servers, operated by the Mustang Panda group, communicating with hosts inside the networks of the Indonesian government,” their website states.

The series of communications were later traced back to at least March 2021, however, Insikt wrote that the intrusion point and delivery method of the malware are still unclear.

Insikt Group researchers reportedly notified authorities in Indonesia regarding their finding in June this year and then again in July. Officials did not provide feedback for the reports.

The Record claims that the most sensitive target compromised by the cyber attack BIN had not returned requests for comments. 

Read: EHAC Data Breach Case Dropped; Police Find No Attempts of Data Retrieval

THE RECORD | TEMPO.CO