ASEAN HEADLINE-SOCIETY | INDONESIA: Public service disruptions continue as cyberattack recovery falters
Passengers line up on Feb. 8, 2024, to reach a row of check-in counters at Terminal 3 of Soekarno-Hatta International Airport in Tangerang, Banten. (Antara/Muhammad Iqbal)
.
.
.
Indonesians are still being affected by last week’s ransomware attack on a temporary national data center (PDN) that disrupted public services, with some calling for the government to take responsibility for failing to properly secure their personal data.
READ MORE: https://www.thejakartapost.com/indonesia/2024/06/26/public-service-disruptions-continue-as-cyberattack-recovery-falters.html
This article was published in thejakartapost.com with the title “”. Click to read: https://www.thejakartapost.com/.
Radhiyya Indra
(The Jakarta Post)
…
More than 40 Indonesian agencies hit by cyberattack on data centers
JAKARTA, Indonesia – More than 40 Indonesian agencies, including the ministry overseeing immigration, were impacted by a cyberattack on the country’s data centers, an official said on Wednesday, June 26.
The latest cyberattack, the worst that the country has experienced in recent years, disrupted immigration services and affected operations at Indonesia’s major airports for days.
Forty-four government agencies, including key ministries, were targets of the ransomware attack, said Usman Kansong, an official from the communications ministry.
Data at five agencies, including immigration services and the coordinating ministry of investment, have been restored, and the government is working to restore data at 39 other agencies, he said.
“We expect the data at 18 government agencies to be restored by the end of this month,” Usman said.
In a joint press conference with the ministry, Telkom Group director Harlan Wijanarko tried to assure Indonesians by saying that their data was secure.
“We have isolated the system in the national data center so no one can enter it. We cut the access from the outside,” he said, adding that they were still investigating the cause of the attack.
The Telkom group operates two major data centers in Indonesia, one in the capital city of Jakarta and the other in Surabaya.
All government agencies in Indonesia rely on these centres to store data. The Surabaya data centre was the target of the attack.
…
Indonesia’s communications ministry announced earlier this week that the attacker had used malicious software called Lockbit 3.0 and demanded an $8 million ransom, which the government refused.
The Lockbit cybercrime group is notorious for using ransomware to digitally extort its victims.
Ransom software works by encrypting victims’ data. Hackers can offer a key in return for payments in millions of dollars, typically through cryptocurrency. – Rappler.com
Indonesia won’t pay $8M ransom after cyberattack hits nat’l data center
FILE – Officers check the passports of passengers leaving for Singapore at the immigration checkpoint of the Bandar Bentan Telani ferry terminal on Bintan Island, Indonesia, Wednesday, May 15, 2024. Indonesian authorities said Monday that the country’s national data center was compromised by a cyber attack, disrupting public services including the immigration check points and asked for an $8 million ransom. (AP Photo/Dita Alangkara, File)JAKARTA, Indonesia — Indonesia’s national data center has been compromised by a hacking group asking for a $8 million ransom that the government says it won’t pay.
The cyberattack has disrupted services of more than 200 government agencies at both the national and regional levels since last Thursday, said Samuel Abrijani Pangerapan, the director general of informatics applications with the Communications and Informatics Ministry.
READ: Car dealers in US revert to pens, paper after cyberattacks on software provider
Some government services have returned — immigration services at airports and elsewhere are now functional — but efforts continue at restoring other services such as investment licensing, Pangerapan told reporters Monday.
The attackers have held data hostage and offered a key for access in return for the $8 million ransom, said PT Telkom Indonesia’s director of network & IT solutions, Herlan Wijanarko, without giving further details.
Wijanarko said the company, in collaboration with authorities at home and abroad, is investigating and trying to break the encryption that made data inaccessible.
Communication and Informatics Minister Budi Arie Setiadi told journalists that the government won’t pay the ransom.
“We have tried our best to carry out recovery while the (National Cyber and Crypto Agency) is currently carrying out forensics,” Setiadi added.
The head of that agency, Hinsa Siburian, said they had detected samples of the Lockbit 3.0 ransomware.
READ: Hackers gain access to sensitive DOST data
Pratama Persadha, Indonesia’s Cybersecurity Research Institute chairman, said the current cyberattack was the most severe in a series of ransomware attacks that have hit Indonesian government agencies and companies since 2017.
“The disruption to the national data center and days-long needed to recover the system means this ransomware attack was extraordinary,” Persadha said. “It shows that our cyber infrastructure and its server systems were not being handled well.”
He said a ransomware attack would be meaningless if the government had a good backup that could automatically take over the main server of the national data center during a cyberattack.
Indonesia’s central bank was attacked by ransomware in 2022 but public services were not affected. The health ministry’s COVID-19 app was hacked in 2021, exposing the personal data and health status of 1.3 million people.
Last year, an intelligence platform that monitors malicious activities in cyberspace, Dark Tracer, revealed that a hacker group known as the LockBit ransomware had claimed to have stolen 1.5 terabytes of data managed by Indonesia’s largest Islamic bank, Bank Syariah Indonesia.
@[email protected]
