APSN Banner

Indonesian ministry apologises for cyber attack amid calls for resignation

Source
Straits Times - July 2, 2024

Hariz Baharudin, Jakarta – Indonesia's Ministry of Communication and Informatics has apologised repeatedly for June's ransomware attack that has crippled some government services amid mounting criticism from the public on the handling of the cyber attack and its fallout.

Other public services that were reported to have been affected include those in procurement, event licensing and halal certification.

Communications and Information Minister Budi Arie Setiadi is facing public pressure to quit, including a petition that has garnered thousands of signatures. At a media event on July 1, he said he was sorry for the incident, reported national daily The Jakarta Post.

He also apologised on June 22, two days after hackers infiltrated Indonesia's National Data Centre (PDN) server, triggering wide-ranging impacts on government services and loss of data.

The server, which is managed by the Ministry of Communication and Informatics, carries a database of information that government services need to function.

Some of the affected services, including immigration and passport clearance, have resumed. Local reports said that as at July 2, only five of the more than 200 agencies affected have had their databases restored. Mr Budi said on June 27 at the House of Representatives that his ministry aims to recover all affected databases by the second week of August.

Some agencies have also reported that data, including that of 800,000 prospective students who registered for a national university card, has been lost forever because of a lack of backups.

Lawmaker and deputy chairman of Commission X of the Indonesian House of Representatives Dede Yusuf said the data loss was linked to the ransomware attack. The commission focuses on education, youth, sport, tourism, arts and culture.

"I am very sorry. Why? Because the Ministry of Education, Culture, Research and Technology did not back up the large amount of data of millions of students in Indonesia," Mr Dede told reporters on July 1.

The spotlight is now on how the government will move forward, given the massive data loss.

Mr Hinsa Siburian, chairman of Indonesia's cyber-security agency known by its acronym BSSN, said 98 per cent of the data stored in the compromised data centre had not been backed up.

"Generally we see the main problem is governance and there is no backup," he told a parliamentary hearing on June 27, according to Reuters.

There is no confirmation for how long it could take the government to rebuild the affected databases, said Mr Muhammad Habib Abiyan Dzakwan of Indonesian think-tank Centre for Strategic and International Studies.

This is because the scale of the problem is not yet understood and the nature of the ransomware is still not yet known, he told The Straits Times.

"We need to work together with our international partners on how to move forward after this incident. Singapore and the United States are top of mind and close partners that I can think of for this matter," said Mr Habib.

Four days after the attack started on June 20 on the PDN server, state news agency Antara quoted Mr Budi as saying that a hacker compromised the data centre and asked for a ransom of US$8 million (S$10.8 million).

The Indonesian authorities said the attack was carried out using software developed by Russian ransomware group LockBit.

The group was responsible for a massive data breach in May 2023 reportedly involving the personal particulars of more than 15 million customers and staff of Bank Syariah Indonesia (BSI), the country's largest Islamic bank.

Calls for the resignation of Mr Budi have intensified in the past few days.

More than 18,500 people have signed the petition demanding that Mr Budi quit over the ministry's alleged negligence in protecting people's personal information stored at the data centre.

The petition, started on June 26 by internet watchdog Southeast Asian Freedom of Expression Network (SAFEnet), also asked Mr Budi to apologise publicly.

The minister has declined to comment on the petition, but has said it is the right of people to speak out.

On July 2, local media reported the hackers claiming to be behind the cyber attack issued a statement on an online forum saying they will release the stolen data on July 3, and that the attack did not carry a "political context".

"We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists," the post said.

Cyber-security experts have not yet been able to verify the validity of the post, but told ST the language used in the post suggests that if it is legitimate, some deal might have been worked out with the hackers.

"It could be a case where the ransom was paid, but the group was told to not reveal this," said Associate Professor Yohanes Sulaiman of the Jenderal Achmad Yani University.

"There is no hacker group which will, out of the goodness of their heart, release stolen data without having got something in return."

The government has said it will not give in to demands from the hackers and will not pay the ransom.

Source: https://www.straitstimes.com/asia/se-asia/indonesian-ministry-apologises-for-cyber-attack-amid-calls-for-resignatio

Country