Indonesia's Data Disaster: Major Cyberattack Exposes Vulnerabilities
A recent ransomware cyberattack on the Indonesian government exposed critical vulnerabilities due to the lack of backed-up data. Affecting over 230 public agencies, the attack has disrupted essential services like immigration and airport operations. Officials have faced criticism, and calls for the communications minister's resignation have grown. The malicious software used was Lockbit 3.0.
- Country:
- Indonesia
The bulk of Indonesian government data affected by a recent ransomware cyberattack was not backed up, officials said, in an incident that has exposed the lack of preparations for such an attack in Southeast Asia's biggest economy. Last week's cyberattack, the worst in the country in recent years, has disrupted multiple government services including immigration and operations at major airports.
The government has said more than 230 public agencies, including ministries, had been affected, but has refused to pay an $8 million ransom demanded to retrieve the encrypted data. Hinsa Siburian, an official who chairs Indonesia's cyber security agency known by its acronym BSSN, said 98% of the government data stored in one of the two compromised data centres had not been backed up.
"Generally we see the main problem is governance and there is no back-up," he told a parliamentary hearing late on Thursday. Some lawmakers dismissed the explanation.
"If there is no back up, that's not a lack of governance," said Meutya Hafid, the chair of the commission overseeing the incident. "That's stupidity". A BSSN spokesperson did not immediately respond when asked whether it would be possible to recover the encrypted data.
Budi Arie Setiadi, Indonesia's communications minister, said the ministry had back-up capacity at the data centres, but it was optional for government agencies to use the service. He said government agencies did not back up the data due to budget constraints, adding this would soon be made mandatory.
The cyberattack has sparked criticism of the minister on social media in Indonesia. Digital advocacy group SAFEnet started a petition calling for Budi's resignation, citing his lack of responsibility over repeated cyber attacks.
Budi sent Reuters a separate petition calling him to stay on as minister when asked for comment on calls for him to resign. The minister told parliament that a "non state actor" seeking money was believed to be behind the attack and that government services should be fully restored by August.
Ransomware attackers use software to encrypt data and demand payment from victims for restoring the data. Indonesia has said the attacker in this particular incident used an existing malicious software called Lockbit 3.0.
(This story has not been edited by Devdiscourse staff and is auto-generated from a syndicated feed.)
ALSO READ
TikTok Faces U.S. Privacy Violation Suit, DOJ Drops Data Security Allegations
Indonesia Faces Ransomware Crisis: $8M Demand Disrupts Government Services
Lockbit 3.0 Cyber Attack Cripples Indonesia's Immigration Services
U.S. Investigates Chinese Telecom Giants for Data Security Risks
US Tightens Scrutiny on Chinese Telecom Giants Amid Data Security Concerns
Google News