Hackers encrypted all data, the Indonesian Government discovered there was no back-up

A cyber attack considered the worst in many years in Indonesia occurred on June 20. Hackers used a variant of LockBit 3.0 malware called Brain Cipher to compromise Indonesia's Provisional National Data Center (PDNS).

This software not only extracts sensitive data but also encrypts them on servers.

Hackers encrypted all data, the Indonesian Government discovered there was no back-up Picture 1

This attack caused heavy damage to Indonesia, affected more than 230 public agencies in Indonesia, including ministries, and caused serious disruption to a number of important national services such as immigration and immigration. operates at major airports.

The attacker demanded a ransom of $8 million. But the Indonesian government said it would not pay hackers the money to ransom the data.

After the attack, Indonesian President Joko Widodo ordered an audit of the country's data centers. As a result, 98% of government data stored in one of the two attacked data centers was not backed up even though the data center had backup capacity to store the data. Due to budget constraints, many government agencies do not use backup services. This means they cannot be recovered beyond decrypting the storage systems of the affected servers.

This cyber attack on Indonesia exposed a serious mistake in the country's information technology (IT) policy.

Micah Soto

Update 05 July 2024