A significant cyberattack has recently affected over 40 agencies in Indonesia, causing widespread disruption to government operations. This attack is identified as the most severe cyber incident the country has faced in recent years, resulting in the disturbance of immigration services and the prolonged effect on major airports.
According to an official statement on Wednesday, more than 40 agencies, including the immigration ministry, were affected by the cyberattack on the country’s data centers. Usman Kansong, an official from the communications ministry, revealed that a total of 44 government agencies, including key ministries, fell victim to the ransomware attack.
The disruption caused data restoration efforts, with five agencies, such as immigration services and the coordinating ministry of investment, having their data successfully restored. The government is actively working to address the restoration of data at 39 other affected agencies, with an expectation to complete the restoration of data at 18 government agencies by the end of the month.
During a joint press conference with the ministry, Telkom Group director Harlan Wijanarko sought to reassure the public by affirming the security of their data. He mentioned that the system in the national data center had been isolated to prevent external access and that investigations into the cause of the attack were ongoing. Telkom Group operates two major data centers in Indonesia, one in Jakarta and the other in Surabaya. All government agencies heavily rely on these centers for their data storage, and it was the Surabaya data center that was targeted in the attack.
The communications ministry disclosed earlier this week that the attack was perpetrated using a malicious software known as Lockbit 3.0, with the attackers demanding an $8 million ransom, which the government refused to concede to. The Lockbit cybercrime group has gained notoriety for its utilization of ransomware to extort victims. Ransomware functions by encrypting the data of victims, with hackers offering a decryption key in exchange for substantial payments, usually in cryptocurrency.
Despite the significant impact of the cyberattack, the government is taking rigorous measures to address the situation, with ongoing efforts to restore data and improve cybersecurity measures. This incident serves as a reminder of the increasing threats posed by cyberattacks and the critical need for robust cybersecurity measures.
In the wake of this cyber incident, it is imperative for government agencies and organizations to bolster their cybersecurity defenses and remain vigilant against potential threats. Additionally, it underlines the necessity for international cooperation and information sharing to combat cyber threats effectively.
As the government continues its efforts to restore operations and strengthen cybersecurity measures, it is essential to remain vigilant and proactive in addressing cyber threats to safeguard critical infrastructure and sensitive data.
Leave a Reply