The recent ransomware cyberattack on the Indonesian government has revealed significant deficiencies in the country’s cybersecurity preparations. Officials have admitted that most of the affected government data had not been backed up, highlighting a critical vulnerability in Southeast Asia’s largest economy.
The cyberattack, described as the worst in Indonesia’s recent history, disrupted several essential government services, including immigration and major airport operations. More than 230 public agencies, including various ministries, were impacted by the attack. Despite the severity of the incident, the Indonesian government has refused to pay the $8 million ransom demanded by the attackers to decrypt the compromised data.
Hinsa Siburian, head of Indonesia’s cybersecurity agency BSSN (Badan Siber dan Sandi Negara), testified before parliament, revealing that 98% of the government data stored in one of the two affected data centers had no backups. “Generally, we see the main problem is governance, and there is no backup,” Siburian stated during a parliamentary hearing late Thursday.
The lack of data backups has sparked a heated debate among lawmakers. Meutya Hafid, chair of the commission overseeing the incident, criticized the explanation. “If there is no backup, that’s not a lack of governance,” Hafid remarked. “That’s stupidity.”
A BSSN spokesperson did not immediately respond to inquiries about the potential recovery of the encrypted data.
Indonesia’s Communications Minister Budi Arie Setiadi addressed the issue, explaining that while the ministry had backup capacity at the data centers, utilizing this service was optional for government agencies. Setiadi attributed the lack of backups to budget constraints but assured that making data backups mandatory would soon be implemented.
The cyberattack has also led to widespread criticism of Setiadi on social media. Digital advocacy group SAFEnet has launched a petition calling for his resignation, accusing him of failing to take responsibility for the recurring cyberattacks. When asked for comment on the calls for his resignation, Setiadi provided a separate petition urging him to remain in his position.
Setiadi informed parliament that a “non-state actor” seeking financial gain was believed to be behind the attack. He also indicated that full restoration of government services was expected by August. The ransomware used in this attack has been identified as Lockbit 3.0, a well-known malicious software used by cybercriminals to encrypt data and demand ransom payments.
The ransomware attack has brought to light several critical issues within the Indonesian government’s approach to cybersecurity. The following points summarize the key aspects of the incident and the government’s response:
- Extent of Impact: Over 230 public agencies, including ministries, were affected by the cyberattack.
- Lack of Backups: 98% of the data stored in one of the two compromised data centers was not backed up.
- Ransom Demand: The attackers demanded $8 million to decrypt the data, which the government refused to pay.
- Budget Constraints: Budget limitations were cited as a reason for the lack of mandatory data backups.
- Future Plans: The government plans to make data backups mandatory for all agencies.
| Aspect | Details |
|---|---|
| Date of Attack | Last week |
| Affected Entities | Over 230 public agencies |
| Ransom Demand | $8 million |
| Main Issue | 98% of data not backed up |
| Responsible Party | Believed to be a “non-state actor” |
| Restoration Timeline | Full restoration by August |
| Ransomware Used | Lockbit 3.0 |
The cyberattack has ignited a wave of responses from both lawmakers and the public. Several legislators expressed their dissatisfaction with the government’s handling of the situation. The following points capture the essence of these reactions:
- Parliamentary Hearing: During a heated parliamentary hearing, officials were grilled about the lack of data backups.
- Criticism from Lawmakers: Some lawmakers, including Meutya Hafid, criticized the explanation provided by BSSN, labeling it as “stupidity.”
- Public Outcry: The public’s frustration has been evident on social media, with many calling for the resignation of Communications Minister Budi Arie Setiadi.
- Petitions for Resignation: Digital advocacy group SAFEnet started a petition demanding Setiadi’s resignation, citing his lack of responsibility over repeated cyberattacks.
In light of the attack, the Indonesian government is expected to implement several measures to enhance its cybersecurity infrastructure and prevent similar incidents in the future. Key steps include:
- Mandatory Data Backups: Establishing a mandatory policy for data backups across all government agencies.
- Budget Allocation: Allocating sufficient budget for cybersecurity measures and infrastructure improvements.
- Cybersecurity Training: Providing comprehensive cybersecurity training for government employees to improve awareness and preparedness.
- Collaboration with Experts: Collaborating with cybersecurity experts and international organizations to strengthen defenses against cyber threats.
- Public Transparency: Ensuring transparency in government actions and communications to rebuild public trust.
The recent ransomware attack on the Indonesian government has underscored the critical need for robust cybersecurity measures and data backup protocols. As the government works to restore affected services and implement future safeguards, the incident serves as a stark reminder of the vulnerabilities that exist in the digital age. Ensuring the security of government data and services will require concerted efforts, adequate funding, and a commitment to continuous improvement in cybersecurity practices.
Featured Image by DC Studio on Freepik