Indonesia’s national data center was the target of a significant cyberattack last Thursday, resulting in disruption to over 200 government agencies at both the national and regional levels. The group responsible for the attack has demanded an $8 million ransom in exchange for access to the compromised data. However, the Indonesian government has unequivocally stated its refusal to pay the ransom.
Samuel Abrijani Pangerapan, the director general of informatics applications with the Communications and Informatics Ministry, has confirmed that efforts are currently underway to restore the affected government services. While some services, such as immigration, have been reinstated, others, like investment licensing, are still being recovered.
Herlan Wijanarko, the director of network & IT solutions at PT Telkom Indonesia, has disclosed that the hackers have encrypted the data and are offering a decryption key in exchange for the ransom. Investigations are ongoing, and authorities are working diligently to regain control of the compromised data.
In a statement to the press, Communications and Informatics Minister Budi Arie Setiadi firmly declared that the government will not yield to the ransom demands. The National Cyber and Crypto Agency is presently conducting forensics while simultaneously continuing efforts to recover and secure the data.
Hinsa Siburian, the head of the National Cyber and Crypto Agency, has confirmed that samples of the Lockbit 3.0 ransomware were found in connection to the attack. Pratama Persadha, chairman of Indonesia’s Cybersecurity Research Institute, characterized the cyberattack as the most severe in a series of ransomware attacks targeting Indonesian government agencies and companies since 2017.
The attack has sparked concerns about the country’s cyber infrastructure and server systems. Persadha underscored the importance of having a robust backup system in place to automatically take over the main server during cyberattacks, suggesting that such measures could potentially mitigate the impact of future incidents.
This recent attack is not the first time Indonesia has faced cybersecurity challenges. Previous incidents include a ransomware attack on the central bank in 2022 and the hacking of the health ministry’s COVID-19 app in 2021, which compromised the personal data of 1.3 million individuals. Additionally, a hacker group known as the LockBit ransomware claimed to have stolen 1.5 terabytes of data from Indonesia’s largest Islamic bank, Bank Syariah Indonesia.
As Indonesia continues to grapple with cybersecurity threats, it is imperative for the government and relevant authorities to fortify their defenses and establish more resilient security measures to safeguard sensitive data and critical infrastructure.
This incident serves as a sobering reminder of the growing prevalence and sophistication of cyber threats, not only in Indonesia but globally. With the ever-increasing reliance on digital systems, the need for robust cybersecurity measures has never been greater.
Leave a Reply