TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Cybersecurity strategy for Indonesia's critical infrastructure protection
In recent years, Indonesia's critical infrastructure systems have been targeted by a wide range of cyberthreats that usually aim to gain control of and deny access to critical systems, or to encrypt, delete or steal important data in the systems.
Change Size
Protection first: A binary code is projected on a man holding a laptop computer. Laptops, PCs and printers are becoming more prone to cyberattacks. (Reuters/Kacper Pempel)
T
he widespread adoption of information and communication technology (ICT) in many sectors has made cybersecurity a pressing concern for many stakeholders, both in the private and public sectors. This is particularly true for critical infrastructure systems, such as power grids, healthcare services and financial institutions.
In recent years, Indonesia's critical infrastructure systems have been targeted by a wide range of cyberthreats that usually aim to gain control of and deny access to critical systems, or to encrypt, delete or steal important data in the systems. These attacks can cause financial losses to the country's economy and disrupt essential services.
From 2017 to 2018, massive ransomware attacks hit many hospitals in Indonesia, rendering patients’ data inaccessible when needed. In 2022, a hacker with the pseudonym Bjorka claimed that it had gained the personal data of millions of Indonesian citizens from various electronic systems. Recently, the customer data of Bank Syariah Indonesia (BSI), the largest Sharia bank in Indonesia, was stolen in May 2023 through cyberattacks conducted by the so-called LockBit group.
Critical infrastructure systems are vulnerable to a wide range of cyberthreats due to their complexity and interconnectedness. Among the most common vulnerabilities are outdated software and weakly secured network ports, which can create security gaps that hackers can exploit. Another common vulnerability is human error, such as employees falling for phishing scams or using weak passwords.
Moreover, many critical infrastructure systems are connected to the internet, making them accessible to attackers from anywhere in the world. These vulnerabilities highlight the growing need for a robust multilayered cybersecurity strategy to protect Indonesia's critical infrastructure.
A multilayered cybersecurity strategy is crucial for protecting critical infrastructure systems from cyberthreats, reducing weak links in the systems and mitigating the impacts of such attacks. This approach involves implementing multiple layers of security measures to detect, prevent and mitigate the impacts of different types of attacks that target each layer of a cybersystem.
For example, network security measures such as firewalls and intrusion-detection systems can prevent unauthorized access to critical systems. Effective monitoring and incident-response protocols can detect and respond to attacks in real time, minimizing the damage caused. Imposing robust encryption on sensitive and valuable data and information in the system can prevent hackers from understanding and utilizing its content for their benefits.
