Indonesia refuses to pay $8 million ransom after national data center hacked


  • Indonesia's national data center has suffered a cyberattack by a group of hackers demanding an $8 million ransom.
  • More than 200 national and regional government agencies have been affected since the attack began last Thursday.
  • Some services, such as immigration, have been restored, but efforts are underway to bring back others, such as investment licenses.

Indonesia's national data center has been compromised by a group of hackers demanding an $8 million ransom that the government says it will not pay.

The cyberattack has disrupted services at more than 200 national and regional government agencies since last Thursday, said Samuel Abrijani Pangerapan, director general of computer applications at the Ministry of Communications and Information Technology.

Some government services have returned (immigration services at airports and other locations are now operational), but efforts continue to restore other services, such as investment licenses, Pangerapan told reporters on Monday.

BORDER FALLOUT WHEN 750K CUSTOMER DATA EXPOSED IN RANSOMHUB CYBERATTACK

The attackers took the data hostage and offered an access key in exchange for an $8 million ransom, said PT Telkom Indonesia IT solutions and networks director Herlan Wijanarko, without giving further details.

Officials check the passports of passengers departing for Singapore at the immigration checkpoint of the Bandar Bentan Telani ferry terminal on Bintan Island, Indonesia, May 15, 2024. Indonesia's national data center has been compromised by a group of hackers demanding an $8 million ransom that the government says it will not pay. (AP Photo/Dita Alangkara, File)

Wijanarko said the company, in collaboration with domestic and foreign authorities, is investigating and trying to break the encryption that made the data inaccessible.

Minister of Communication and Information Technology Budi Arie Setiadi told reporters that the government will not pay the ransom.

“We have done everything possible to carry out the recovery while the (National Cyber ​​and Crypto Agency) is conducting forensic analysis,” Setiadi added.

The head of that agency, Hinsa Siburian, said they had detected samples of the Lockbit 3.0 ransomware.

Pratama Persadha, president of the Indonesian Cybersecurity Research Institute, said the current cyberattack was the most serious in a series of ransomware attacks that have hit Indonesian government agencies and companies since 2017.

CLICK HERE TO GET THE FOX NEWS APP

“The disruption to the national data center and the days required to recover the system mean this ransomware attack was extraordinary,” Persadha said. “This shows that our cyber infrastructure and server systems were not being managed well.”

He said a ransomware attack would be meaningless if the government had a good backup that could automatically take control of the national data center's main server during a cyberattack.

Indonesia's central bank was attacked with ransomware in 2022, but public services were not affected. The Ministry of Health's COVID-19 app was hacked in 2021, exposing the personal data and health status of 1.3 million people.

Last year, an intelligence platform that monitors malicious activities in cyberspace, Dark Tracer, revealed that a hacking group known as the LockBit ransomware had claimed to have stolen 1.5 terabytes of data managed by Indonesia's largest Islamic bank, Bank Syariah Indonesia.

scroll to top