The cyberattack on dozens of Indonesian government entities has exposed extraordinarily lax oversight, with the revelation on Friday that the bulk of information stored in state data centres was not backed up.
Indonesian President Joko Widodo ordered an audit of government data centres after officials made the admission about the bulk of data affected by the recent ransomware attack and exposed the country’s vulnerability to such attacks.
The cyberattack, which first hit last week, was the worst in Indonesia in recent years and disrupted multiple government services, including immigration and operations at major airports.
ALSO SEE: US planning ‘aggressive’ rules on data security for Chinese EVs
The government has said more than 230 public agencies, including ministries, had been affected, but has refused to pay an $8 million ransom demanded to retrieve the encrypted data.
Responding to the cyberattack, Indonesia’s state auditor said the president instructed it to examine the country’s data centres.
The audit would cover “governance and the financial aspect”, said Muhammad Yusuf Ateh, who heads Indonesia’s Development and Finance Controller (BPKP), after attending a cabinet meeting led by Widodo on Friday.
Hinsa Siburian, an official who chairs Indonesia’s cyber security agency known by its acronym BSSN, has said 98% of the government data stored in one of the two compromised data centres had not been backed up.
“Generally we see the main problem is governance and there is no back-up,” he told a parliamentary hearing late on Thursday.
Some lawmakers dismissed the explanation.
‘Not lack of governance – that’s stupidity’
“If there is no back up, that’s not a lack of governance,” said Meutya Hafid, chair of the commission overseeing the incident. “That’s stupidity”.
A BSSN spokesperson did not immediately respond when asked whether it would be possible to recover the encrypted data.
Budi Arie Setiadi, Indonesia’s communications minister, said the ministry had back-up capacity at the data centres, but it was optional for government agencies to use the service.
He said government agencies did not back up the data due to budget constraints, adding this would soon be made mandatory.
The cyberattack has sparked criticism of the minister on social media in Indonesia.
Digital advocacy group SAFEnet started a petition calling for Budi’s resignation, citing his lack of responsibility over repeated cyber attacks.
Budi sent Reuters a separate petition calling for him to stay on as minister when asked for comment on calls for him to resign.
The minister told parliament that a “non state actor” seeking money was believed to be behind the attack and that government services should be fully restored by August.
Ransomware attackers use software to encrypt data and demand payment from victims for restoring the data. Indonesia has said the attacker in this particular incident used an existing malicious software called Lockbit 3.0.
‘Taiwanese’ cyber scammers to be deported
Meanwhile, in similar news, Indonesian immigration officials said on Friday they arrested 103 Taiwan passport holders on suspicion of running a cyber crime operation on Bali island.
The raid on Wednesday was the biggest arrest this year, the Immigration agency said.
Bali immigration director Saffar Muhammad Godam told reporters authorities would soon deport the Taiwan passport holders after arresting them in a sting operation at a villa in Bali’s Tabanan district.
“The 103 foreign nationals stayed at the villa and conducted suspicious activities, which we suspect are activities related to cyber crime activities,” he said, presenting laptops and routers at the press conference.
Those arrested were also suspected of misusing their visas, he added.
However, Taiwan’s foreign ministry said its de facto embassy in the country had been told that of the 103 foreign nationals arrested, at least 14 were suspected of being Taiwanese.
Taiwan will send consular staff to Bali and has asked Indonesia to send the suspects back to Taiwan as soon as the investigation is complete, the ministry said in a statement.
Reuters could not immediately contact legal representatives of the arrested Taiwanese.
Godam said the scam was targeting people from overseas and not Indonesians.
- Reuters with additional editing by Jim Pollard
ALSO SEE:
Indonesian airports, data centres hit by worst cyberattack in years
Scamming Compounds in SE Asia Stole $64 Billion in 2023: Report
High-Tech Asian Crime Wave: Cyber Scams, Casinos Loot Billions
Big Tech ‘Doing Little’ to Counter Rampant Scams on Social Media
Lockbit Cybercrime Gang Claims It’s Up And Running Again
Russians Named as West Smashes Lockbit Ransomware Gang
China Plan to Train 45,000 Firms in Hacker Protection Measures
AI Chiefs Say Deepfakes a Threat to World, Call For Regulation
Fake Chinese Accounts Flourish on X, Analysis Shows – WaPo
