Acyber attackin Indonesia that’s been called the worst in years exposed a critical mistake in the country’s information technology policy. Almost none of the data in one of the two data centers hit by the ransomware attack is backed up, meaning it cannot be restored other than by decrypting the affected servers’ storage systems.
The attack happened on June 20, when a “non-state actor” compromised Indonesia’s Temporary National Data Center (PDNS) using a variant of theLockBit 3.0 malwarecalled Brain Cipher. This software not only extracts sensitive data but also encrypts it on the servers. The attacker has demanded a ransom of $8 million, which the government says it does not intend to pay.
The attack affected over 230 public agencies in Indonesia, including ministries, and severely disrupted several critical national services. These included important government services such as immigration and operations at major airports.
After theimpact became clear, Indonesian President Joko Widodo ordered an audit of the country’s data centers. Muhammad Yusuf Ateh, who leads Indonesia’s Development and Finance Controller (BPKP), said the audit would cover “governance and the financial aspect” of the cyberattack.
An official from Indonesia’s cybersecurityagency told Reuters that 98% of the government data stored in one of the two compromised data centers had not been backed up. While the data center had the backup capacity to store the data, it wasn’t required. Many government agencies did not use the backup service because of budget constraints.
Since then, some have called for Budi Arie Setiadi, Indonesia’s communications director, to resign his post. Setiadi’s ministry is responsible for running the data centers. Setiadi, they say, has failed to take responsibility for multiple cyber attacks on the nation.
The commission chair investigating the incident, Meutya Hafid, said, “If there is no back up, that’s not a lack of governance. That’s stupidity.”
Get Tom’s Hardware’s best news and in-depth reviews, straight to your inbox.
Indonesian authorities say they are trying to decrypt the data themselves. The team expects to have all government services fully restored by August.
Jeff Butts has been covering tech news for more than a decade, and his IT experience predates the internet. Yes, he remembers when 9600 baud was “fast.” He especially enjoys covering DIY and Maker topics, along with anything on the bleeding edge of technology.
