Cyberattacker Hits Indonesia’s Data Centre, Demands $8m Ransom

A cyberattack on Indonesia’s national data center affected hundreds of government offices and caused lengthy delays at the capital’s main airport, with the hacker seeking a $8 million ransom, officials claimed on Monday.

Last week, long lines formed at immigration gates at Jakarta’s Soekarno-Hatta International Airport when systems were down due to an attack carried out using malware developed by Russian ransomware group LockBit, according to a communications ministry official.

The attack “affected 210 institutions at the national and local levels,” top official Semuel Abrijani Pangerapan told reporters Monday, adding that a dark web hacker sought a $8 million ransom.

He noted that immigration services were back to normal on Monday morning, and that work was being done to restore other disrupted services.

Authorities are currently investigating Brain Cipher, the malware that encrypted government data, he said.

LockBit and its affiliates have attacked governments, large corporations, schools, and hospitals, causing billions of dollars in damage and demanding tens of millions in ransom from victims.

Typically, once the ransomware operator inserts their programs into a target’s IT systems, they are altered to freeze the target’s files and data through encryption.

Last month, the US, UK, and Australia announced sanctions against the leader of LockBit, accusing him of extorting billions of dollars from thousands of victims.

The organization was responsible for a quarter of all ransomware assaults worldwide last year and extorted “over $1 billion from thousands of victims globally,” according to the UK government.

The top five countries affected by LockBit were the United States, the United Kingdom, France, Germany, and China, according to Europol, the European Union’s law enforcement organization.

Indonesia has a dismal cyber security record, with little internet literacy and frequent leaks.

During the Covid-19 pandemic in 2021, experts from encryption company vpnMentor discovered that the data of 1.3 million government test-and-trace app users had been compromised.

The revelation occurred just months after hackers allegedly exposed data from over 200 million National Health Care and Social Security Agency (BPJS Kesehatan) participants.



Leave a Reply