n late November 2023, an account named Jimbo posted on the hacker platform BreachForums, offering 204.8 million pieces of distinct data from Indonesia’s voter list for sale. As proof, the poster shared 500,000 pieces of data, including the full name, gender, date and place of birth, marital status, full address and ID and family card number of individual voters.
This massive breach of the voter roll at the General Elections Commission (KPU) was just the latest in a series of cyberattacks on Indonesian institutions over the past few years. The National Resilience Institute (Lemhannas) reported that Indonesia faced approximately 2,200 anomalous cyberattacks every minute in 2023.
In the first 10 months of 2023, the National Cyber and Encryption Agency (BSSN) recorded over 360 million cyberattacks, nearing the 370.02 million total for 2022, and up 38.72 percent from 266.74 million in 2021.
The situation could worsen in the coming year unless the most significant weakness, human vulnerability, is urgently addressed.
‘Tsunami’ of theft
According to cybersecurity firm Trend Micro, the next year could witness a “tsunami of sophisticated social-engineering tactics and identity theft” driven by generative artificial intelligence (Gen AI) tools.
The widespread availability and enhanced quality of Gen AI will enable hackers and other threat actors to easily and cost-efficiently create hyperrealistic audio and video content. This content is designed to deceive people into clicking harmful links, downloading malware or falling for scams.
