Israeli Firms Sold Invasive Surveillance Technology to Indonesia: Report - Latest Global News

Israeli Firms Sold Invasive Surveillance Technology to Indonesia: Report

An international investigation has found that at least four Israel-linked companies sold invasive spyware and cyber surveillance technology to Indonesia, which has no formal diplomatic ties with Israel and is the world’s most populous Muslim country.

Amnesty International’s Security Lab investigation – based on open sources including trading records, shipping data and internet scans – uncovered links between official government departments and agencies in the Southeast Asian country and Israeli technology firms NSO, Candiru, Wintego and Intellexa, a consortium of affiliated companies originally founded by a former Israeli military officer and dating back to at least 2017.

The German company FinFisher, a rival to the Israeli companies whose technology was allegedly used to target government critics in Bahrain and Turkey, is also said to have sent such technology to Indonesia.

Amnesty said there was little insight into the schemes’ objectives.

“Highly invasive spyware tools are designed to be stealthy and leave minimal traces,” the report said. “This built-in secrecy can make it extremely difficult to uncover cases of unlawful misuse of these tools against civil society, and there is a risk that rights violations will remain intentionally unpunished.”

This is “particularly worrying” in Indonesia, where civil society space has “shrinked due to ongoing attacks on the rights to freedom of expression, peaceful assembly and association, personal security and the right to arbitrary detention.”

Concerns about human rights have increased in Indonesia since former general Prabowo Subianto was elected president in February on his third attempt. Prabowo, who will officially take office in October, is accused of serious rights abuses in East Timor and West Papua, where indigenous peoples have been fighting for independence from Indonesia since the 1960s. He denies the allegations made against him.

The report said it “discovered numerous spyware imports or deployments by companies and government agencies in Indonesia, including the Indonesian National Police, between 2017 and 2023.” [Kepala Kepolisian Negara Republik] and the National Cyber ​​and Crypto Agency [Badan Siber dan Sandi Negara]“.

Amnesty said Indonesian police declined to respond to its questions about the research, while the National Crypto and Cyber ​​Agency had not responded to its questions at the time of publication.

The investigation found that several of the imports were processed through intermediary companies in Singapore, “which appear to be brokers with a history of supplying surveillance technology and/or spyware to government entities in Indonesia.”

As part of an investigation lasting several months, Amnesty worked with the Indonesian news magazine Tempo, the Israeli newspaper Haaretz, and news and research organizations based in Greece and Switzerland.

“The opaque and complex ecosystem of spyware and surveillance suppliers, brokers and retailers, as well as complex corporate structures, allow this industry to easily evade accountability and regulation,” Usman Hamid, director of Amnesty International Indonesia, was quoted as saying in Tempo.

This is not the first time that Indonesia has been linked to Israeli spyware. Tempo reported in 2023 that traces of the NSO’s Pegasus spyware, which can infect targeted cell phones without user interaction, were found in Indonesia.

In 2022, Reuters news agency reported that more than a dozen senior Indonesian government and military officials had been attacked with Israeli-made spyware the year before.

Fake websites

Amnesty found evidence that, unlike Pegasus, much of the spyware required the victim to click on a link to go to a website, which were usually the websites of reputable news outlets or politically critical organizations.

Researchers found links between some of the fake websites and IP addresses linked to Wintego, Candiru (now Saito Tech) and Intellexa, known for its one-click spyware Predator.

In the case of Intellexa, the fake websites imitated the Papuan news website Suara Papua as well as Gelora, which is the name of a political party but also an independent news agency.

Amnesty also found that domains linked to Candiru impersonated legitimate Indonesian news sites, including the state news agency ANTARA.

Indonesia currently has no laws regulating the lawful use of spyware and surveillance technologies, but does have laws protecting freedom of expression, peaceful assembly and association, and personal safety. It has also ratified several international human rights treaties, including the International Covenant on Civil and Political Rights (ICCPR).

Amnesty called on the Indonesian government to introduce a ban on this highly invasive spyware.

Citing unnamed sources, Haaretz said NSO and Candiru are not currently active in Indonesia.

It was reported that Singapore subpoenaed a senior Israeli official in the summer of 2020 after “authorities there discovered that Israeli firms had sold advanced digital intelligence technologies to Indonesia.”

In its response to Friday’s findings, NSO cited human rights provisions in response to questions from Haaretz.

“As far as your specific requests are concerned, NSO Group has not provided any active geolocation or mobile endpoint intelligence systems to Indonesia as part of our current human rights due diligence process,” the newspaper was quoted as saying, referring to a framework introduced in 2020.

Intellexa was founded by former Israeli military officer Tal Dilian [File: Yiannis Kourtoglou/Reuters]

Candiru, meanwhile, told Amnesty that it was acting in accordance with Israel’s defense export rules and could neither confirm nor deny the questions raised by the organization.

Wintego did not respond to requests for comment on the research, Haaretz said.

The Israel Defense Export Authority declined to comment on whether it had approved sales to Indonesia.

It told Amnesty that the sale of cyber surveillance systems was only permitted to government entities for “counter-terrorism and law enforcement purposes.”

The United States blacklisted NSO in 2021 over concerns that its phone hacking technology was used by foreign governments to “maliciously target” political dissidents, journalists and activists. The designation makes it difficult for US companies to do business with it.

Candiru and Intellexa are also subject to U.S. trade control regulations.

In March, the U.S. imposed sanctions on Intellexa for “the development, operation, and distribution of commercial spyware technology targeting Americans, including U.S. government officials, journalists, and political experts.”

Sharing Is Caring:

Leave a Comment