Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » Indonesia’s national data center encrypted with LockBit ransomware variant
Security News

Indonesia’s national data center encrypted with LockBit ransomware variant

AdminBy AdminJuly 6, 2024No Comments3 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


Hackers have encrypted systems at Indonesia’s national data center with ransomware, disrupting immigration checks at airports and a variety of other public services, according to the country’s communications ministry.

In a statement on Monday, the ministry said the systems of the Temporary National Data Center (PDNS) were infected with Brain Cipher, a new variant of the notorious LockBit 3.0 ransomware.

Minister of Communication Budi Arie Setiadi told the state news agency Antara that hackers have demanded $8 million in ransom in exchange for decrypting the data and emphasized that the government would not pay or comply with the demands. 

The attack affected the national data center branch located in Surabaya, Arie Setiadi said —  not the other location in the capital, Jakarta. 

The breach has the potential to expose data belonging to state institutions and local governments.

The cyberattack began last Thursday and has affected services like visa and residence permit processing passport services and immigration document management systems, according to the head of the country’s national cyber agency, Hinsa Siburian.

People had to wait in long lines at immigration desks at airports, according to Antara. As of Monday, most of the affected immigration services have been restored and important data has reportedly been migrated to the cloud.

The attack also affected the platform used for online enrollment to schools and universities, forcing the regional government to extend the registration period, local media reported. In total, the ransomware reportedly disrupted at least 210 local services.

According to Siburian, the hackers likely deactivated the center’s Windows Defender security feature, allowing them to get into the system unnoticed. Then, they “infected the targeted systems with malware, deleted important files, and deactivated running services.”

While the investigation into the attack is still ongoing, the country’s authorities said they have “isolated” the infected areas. The artifacts they can use to analyze the attack are limited because systems were encrypted, Siburian said.

The communications ministry did not respond to a request for comment.

LockBit’s return

Although the hackers used LockBit ransomware, it is possible that a different group could be behind the hack. A number of threat actors use the leaked LockBit 3.0 builder and claim it as their own, said Will Thomas, an instructor at the SANS Institute. For example, he said, the operators of SEXi ransomware have used the builder and recently targeted a data center in Chile.

LockBit was one of the most prolific ransomware operations before the police shut down its extortion site in February. Just three months later, the cybercriminals appeared to have resurrected it. 

The group has not listed the Indonesian government on its leak site, according to cybersecurity analyst Dominic Alvieri. “There’s usually a delay in listing due to negotiations. Entities in India and Indonesia are notorious for not paying, so I doubt they did,” Alvieri told Recorded Future News.

This is not the first time Indonesia’s data center has popped up as a target of hackers. In 2023, the group ThreatSec claimed to breach the center’s systems, purportedly stealing sensitive data, including criminal records.

Another major data breach in Indonesia affecting the country’s largest Islamic bank, BSI, was attributed to LockBit. Last May, the hackers reportedly stole the personal information of more than 15 million BSI customers and employees.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

Germany, Indonesia agree to strengthen defense ties

July 29, 2024

Indonesia Welcomes UN Security Council Resolution on Ceasefire in Gaza

July 29, 2024

Indonesia Pushes for Stronger ASEAN-Canada Food Security Ties

July 27, 2024

Cryptomining group traced to Indonesia uses compromised AWS accounts

July 27, 2024

India, Indonesia decide to strengthen defence and security ties | India News

July 27, 2024

Indonesia pushes for stronger ASEAN-Canada food security ties

July 27, 2024
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025

Packages malicious Pypi, NPM and Rubin

June 4, 2025

HPE releases security patch for Storeonce error, which allows by -by -distance authentication

June 4, 2025

Fake Docusign, Gitcode Sites Distributed Netsupport Rat Through Multiple Attack PowerShell

June 3, 2025

Critical 10-year Error Webmail RoundCube allows users to run the malicious code

June 3, 2025

Understanding the scammers and how to defend their organization

June 3, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.