JAKARTA: A cyberattack on Indonesia's national data center has compromised hundreds of government offices and caused significant delays at the capital's main airport. The hacker, using software developed by the Russian ransomware group LockBit, demanded a US$8 million ransom, officials reported on Monday (Jun 24).
The attack led to long queues at immigration gates at Jakarta's Soekarno-Hatta International Airport last week after systems went down. Senior official Semuel Abrijani Pangerapan from the communications ministry stated that 210 institutions at the national and local levels were affected. The hacker, operating on the dark web, demanded an $8 million ransom.
As of Monday morning, immigration services were beginning to return to normal, and efforts were underway to restore other affected services. Authorities are still investigating the ransomware, known as Brain Cipher, which made government data inaccessible through encryption
LockBit and its affiliates have a history of targeting governments, major companies, schools, and hospitals, causing billions of dollars in damages and extracting tens of millions in ransoms from victims. Their ransomware typically freezes a target's files and data via encryption once inserted into the IT systems.
Recently, the United States, Britain, and Australia imposed sanctions on the leader of LockBit, accusing the group of extorting billions of dollars from thousands of victims. According to the UK government, LockBit was responsible for a quarter of all ransomware attacks worldwide last year and has extorted over $1 billion from victims globally. The top five countries hit by LockBit were the United States, Britain, France, Germany, and China, according to Europol.
Indonesia has a weak cybersecurity record, characterized by poor online literacy and frequent data leaks. In 2021, during the COVID-19 pandemic, researchers from encryption provider vpnMentor revealed that the data of 1.3 million users of a government test-and-trace app had been compromised. This came just months after hackers allegedly leaked the data of over 200 million participants of the National Health Care and Social Security Agency (BPJS Kesehatan).
