25 June 2024, Kathmandu
Indonesia’s National Data Center suffered a significant cyberattack, disrupting immigration checks at airports and various government services. The attacker demanded a ransom of US$8 million (RM37.7 million), according to the country’s Communications Minister, Budi Arie Setiadi.
Indonesia’s National Data Center Cyberattack
The breach, which occurred last week, led to long queues at immigration desks as automated passport machines were rendered non-functional. The Communications Ministry has since restored these machines to operational status.
Minister Setiadi revealed that the cybercriminal employed a new variant of the notorious Lockbit 3.0 ransomware. This type of malicious software encrypts victims’ data, and hackers typically demand cryptocurrency payments for decryption keys, sometimes threatening to leak or delete data if their demands are not met.
Efforts are currently focused on restoring affected services, including those at the national data centre. Minister Setiadi did not disclose whether any ransom had been paid. Digital forensic investigations are underway, with Semuel Abrijani Pangerapan from the Communications Ministry noting that further details are still being uncovered.
This incident is part of a worrying trend of cyberattacks on Indonesian entities in recent years. Last year, account details of 15 million customers from Bank Syariah Indonesia were reportedly leaked, although the bank did not confirm this. In 2022, Indonesia’s central bank experienced a ransomware attack that did not impact public services, and in 2021, a vulnerability in the health ministry’s Covid app exposed the personal data of 1.3 million people.
Cybersecurity expert Teguh Aprianto described the recent attack as “severe,” highlighting it as the first to cause prolonged disruptions to public services in Indonesia. Aprianto criticized the government’s infrastructure, manpower, and vendors for their apparent inadequacies in handling such cyber threats.
This attack underscores the critical importance of robust cybersecurity measures. For example, Nepalese data centres are encouraged to adopt stringent cybersecurity standards and frameworks, conduct regular assessments, and continuously monitor for vulnerabilities to prevent similar incidents.
As Indonesia works to recover from this cyberattack, the need for enhanced cybersecurity protocols and infrastructure becomes ever more apparent to protect sensitive information and maintain public services.
For more information, see Indonesia’s National Data Center Cyberattack