Cyber Attack Hits Indonesia's National Data Centre, Ransom Sought
A cyber attack on Indonesia's central data centre caused disruptions in government functions, including airport immigration inspections. The attacker sought a $8 million ransom and utilised a new version of Lockbit ransomware. The event is part of a series of cyber attacks on Indonesian businesses and government entities.
The anonymous assailant sought a $8 million ransom, according to the country's communications minister. The incident underlines the growing threat of cybercrime and the importance of adequate cybersecurity measures.
The attack, which occurred last week, caused long lineups at immigration booths and disrupted several government functions. However, the communications ministry has announced that automated passport machines are again operating again.
Minister Budi Arie Setiadi disclosed that the perpetrator utilised a new version of the Lockbit ransomware, Lockbit 3.0. Lockbit is a notable cybercrime outfit that uses ransomware to digitally extort victims. The gang encrypts victims' data and then demands money, generally in bitcoin, in exchange for a decryption key.
The government is currently working to restore the disrupted services, including immigration. However, it is unknown whether the perpetrators have received any ransom payments. Digital forensics investigations are in underway to gather additional information about the occurrence.
This cyber attack is the latest in a string of similar incidents aimed at Indonesian businesses and government organisations in recent years. Last year, the country's largest Islamic lender, Bank Syariah Indonesia (BSI), purportedly had 15 million clients' account information released online, however the bank could not acknowledge the data breach. In 2022, Indonesia's central bank was similarly hit by ransomware, however public services were unaffected. Furthermore, in 2021, a weakness in the health ministry's COVID app compromised the personal information and health status of 1.3 million people.
Teguh Aprianto, a cybersecurity specialist, called the new attack "severe" and stated that it caused considerable interruptions to public services for several days. He stressed the importance of enhanced government infrastructure, people, and vendor management in addressing Indonesia's persistent cybersecurity concerns.
A cyber attack on Indonesia's national data centre disrupted government services, including immigration checks at airports.
The attacker demanded an US$8 million ransom and used a new variant of the Lockbit ransomware.
The incident is part of a series of cyber attacks targeting Indonesian companies and government agencies.
Source: REUTERS