TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Indonesia under cyber-siege: Is there any way out?
The complexity and anonymity of ransomware attacks make them even more difficult for law enforcement to counteract.
Change text size
Gift Premium Articles
to Anyone
Share the best of The Jakarta Post with friends, family, or colleagues. As a subscriber, you can gift 3 to 5 articles each month that anyone can read—no subscription needed!
Back in business: Bank Syariah Indonesia (BSI) tellers count United States dollar banknotes at the bank’s branch office on Jl. Thamrin in Central Jakarta on May 11, 2023. The management said the bank had resumed operations after hackers allegedly stole customers’ personal data recently. (Antara/M Risyal Hidayat)
I
ndonesians have been appalled by yet another cyberattack targeting the country’s banking industry. To show how vulnerable the industry is to the threat, a group of Ransomware-as-a-Service (RAAS) hackers called Lockbit 3.0 allegedly have leaked personal data of Bank Syariah Indonesia (BSI) customers.
The stolen data has reportedly been published on the dark web after negotiations to accommodate the hackers demands failed. The leaked data includes sensitive information including banking and financial data, consumer transactions and personal data.
Alfons Tanujaya, a cybersecurity observer from Lilin.com, believes the hacking had been going on for quite some time, since the beginning of Idul Fitri on April 22. In observance of the Islamic holiday, the government declared a period of collective leave for civil servants from April 19 to April 25, which the banking industry followed.
On May 8, it was stated that BSI customer data had been copied and encrypted by hackers. This process took quite some time due to the large amount of data, 1.5 terabytes, that had to be extracted.
Data breaches are not unusual for Indonesia. The BSI ransomware attack was only the latest in a series of similar attacks since the enactment of the Personal Data Protection (PDP) Law. These cases truly raise questions about the adequacy of Indonesia’s cybersecurity framework.
Ransomware is a type of malware that is designed to cause damage to computer systems, servers or computer networks. Other malware includes viruses, spyware, adware and ransomware. As a type of malware, ransomware is designed to prevent victims from accessing a system until a ransom is obtained.
Generally, ransomware involves hackers accessing computer networks through illegally obtained employee data. Once they gain access to the system, the hackers either employ an insider to install a flash disk into the computer workstation or use phishing attacks to gain sensitive information and login credentials.
