Indonesia tightens cybersecurity after ransomware attack, IT Security News, ET CISO

The recent cyberattack in Indonesia that massively disrupted its national data system has urged the country to strengthen its cyber resilience and evaluate its digital technology policy.Indonesian Coordinating Minister for Political, Legal and Security Affairs Hadi Tjahjanto said on Friday that the government would carry out digital security improvement and strengthen the system capabilities of its national data centre, reported Xinhua news agency.

“We are making the data centre with the ability to have multiple back-ups, layered back-ups with good security. We want it to be a system that cannot be hacked. This will continue to be done to support the government’s performance in serving the public,” Tjahjanto said in a press conference.

Indonesia’s Ministry of Communication and Informatics is currently preparing to execute what it calls as “tenant redeploy”, improving the digital security in governance by stricter standard operating procedures. “We’ll execute it from August to September 2024,” the ministry’s Director General of Informatics Applications, Ismail, said on Thursday.

The ransomware attack that targeted Indonesia’s national data centre and created a massive data crisis started on June 17 and went on for almost one week, with the hacker initially asking for a ransom of $8 million.

According to the Ministry of Communication and Informatics and the National Cyber and Encryption Agency, at least 282 institutions were disrupted by the attack, including the immigration services, which caused long queues at the airports due to system bottlenecks at the immigration checkpoints. The attack also disrupted educational institutions as the country was currently holding a student enrolment period ahead of the new academic year.

Reports said that following the incident, many citizens in Indonesia demanded the Communication and Informatics Minister to step down due to his failure in protecting the public’s data.

The financial industry in Indonesia, as the institution that is most vulnerable to hackers, continues to increase its cybersecurity capacity to anticipate the threat of cyberattacks, ranging from fulfilling cybersecurity standards to simulations in facing cyberattacks.

Indonesia’s Financial Services Authority, a government agency that regulates and supervises the financial services sector, launched on Tuesday cybersecurity guidelines that were specifically designed for all financial sector technology innovation organisers in the country.

The guidelines provide a cyber capacity-building programme that includes data protection, risk management, incident response, maturity assessment, training and awareness by prioritising the principles of collaboration and information exchange.

Meanwhile, the Indonesian Internet Service Providers Association (APJII) said it was preparing to form a task force that would focus on cybersecurity, particularly to prevent the negative impacts of increasingly massive technological innovation.

“We want to gather existing related stakeholders to provide inputs to the government in any case, especially for cases related to cybersecurity,” APJII Chairman Muhammad Arif said on Wednesday.

He also said that APJII, which currently has 1,087 members of Internet service providers across Indonesia, had begun to develop support for maintaining security in cyberspace.

Ridi Ferdiana, a software expert from the Faculty of Engineering of the Gadjah Mada University in Indonesia’s Yogyakarta province, said the recent ransomware attack should be a self-reflection for the government to improve the information system architecture, security procedures and computer security networks.

“There are several cybersecurity measures that can be taken to prevent the national data centre server from being exposed to cyberattacks again, including developing routine inspection procedures related to security gaps, implementing network security procedures for the public and the data centre, as well as conducting regular maintenance to review the security perimeter and suitability of procedures,” Ferdiana said.

The government, he said, should design high-availability cloud infrastructure based on disaster recovery plans to speed up the data recovery.

“We also advise that the national data centre implement encryption at the row field security or file level either in transit or at rest, so that even in the event of ransomware, the stolen data cannot be read,” he added.