Jakarta: The recent ransomware cyberattack on Indonesian government data has exposed a critical vulnerability: the majority of affected data was not backed up, officials disclosed. This incident, described as the most severe cyberattack in Indonesia in recent years, has severely disrupted essential government services, including immigration processes and operations at major airports.
Over 230 public agencies, including ministries, fell victim to the attack, which demanded an $8 million ransom for decrypting the compromised data. However, the government has firmly refused to pay, emphasizing its stance against negotiating with cybercriminals.
Hinsa Siburian, chair of Indonesia’s cyber security agency BSSN, highlighted that 98% of the government data housed in one of the compromised data centers lacked backup protocols. Speaking at a parliamentary hearing, he underscored governance issues as the core challenge, emphasizing the absence of essential backup measures.
Criticism from lawmakers like Meutya Hafid, chair of the overseeing commission, was sharp. She dismissed the lack of backups not as a governance issue but as a fundamental oversight.
Also Read | Russian Defense Minister Urges Action Against US Drone ‘Provocations’ in Black Sea
The communications minister, Budi Arie Setiadi, acknowledged that backup facilities were available at the data centers but were not universally utilized by government agencies due to budget constraints. He pledged to make data backup mandatory in the near future.
The cyberattack has sparked widespread public outcry, with calls for Minister Budi’s resignation gaining traction on social media. Digital advocacy group SAFEnet initiated a petition citing his alleged negligence in preventing repeated cyber incidents.
Minister Budi attributed the attack to a “non-state actor” driven by financial motives, expressing confidence in restoring full government services by August.
Ransomware attacks involve encrypting data and demanding payment for decryption. The specific attack in Indonesia involved the use of Lockbit 3.0, a known malicious software.
