The attack, which took place last month, targeted Indonesia’s Temporary National Data Center (PDNS). It locked and encrypted crucial data systems and caused significant disruption to services like airport immigration checks.
“Citizens of Indonesia, we apologise for the fact that it affected everyone,” hackers wrote in a statement released on their website on Tuesday.
The statement was shared by Singapore-based dark web intelligence outfit Stealth Mole.
The group, which initially demanding 131 billion Rupiah ($8 million) ransom, claimed they were acting as a penetration tester to expose weaknesses in Indonesia’s cybersecurity. They also promised to provide decryption keys for free within 24 hours.
“We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists,” hackers said.
“Our attack did not carry a political context, only a pentest [penetration test] with post-payment.”
Ransomware gang Brain Cipher announced they’ll release decryption keys for free this Wednesday. They emphasized the need for cybersecurity funding and specialists. Apologies to Indonesia for the disruption. They request public acknowledgment of their decision. pic.twitter.com/FNNg0YsoAp
— Fusion Intelligence Center @ StealthMole (@stealthmole_int) July 1, 2024
Over 230 government agencies were disrupted as a result of the attack. Fears of personal data leaks loomed large after the Indonesian government refused to pay the ransom demanded by Brain Cipher. Panic intensified after it emerged that backups were not mandatory for all affected agencies and much of the affected data was not replicated elsewhere.
In its message, Brain Cipher called on the Indonesian government to publicly express “gratitude” for their decision, claiming it was made “independently.” It even went so far as to suggest a private thank you at a post office if a public display was deemed inappropriate.
The attack has laid bare Indonesia’s vulnerabilities in the digital age. Cybersecurity experts point to the nation’s reliance on basic security measures like Windows Defender, despite a significant budget allocated for data protection.
Moreover, the government’s decision to make data backups optional for agencies has been met with criticism.
Jakarta MP Meutya Hafid called it “stupidity,” while Minister of Communication and Information Technology Budi Arie Setiadi admitted the service was underutilised due to budget constraints. He pledged to make backups mandatory in the future.
Public outrage on the issue materialised in a petition demanding the resignation of communications minister, which garnered over 18,000 signatures.
Cybersecurity analyst Alfons Tanujaya described the country’s cybersecurity as “weak,” citing factors like political structures, data management practices, and the rapid pace of digitalisation. He highlighted the appointment of unqualified political figures to data management positions, rather than skilled professionals.
Indonesian authorities have yet to comment on the development.
The effectiveness of the decryption key currently remains unverified.