TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
The urgent need for cyber-physical resilience in critical infrastructure
The recent ransomware attack targeting Indonesia's National Data Center serves as a stark reminder that governments worldwide need to ramp-up efforts to prevent and mitigate cyberattacks through a multidimensional approach with a focus on critical sectors.
Change text size
Gift Premium Articles
to Anyone
Share the best of The Jakarta Post with friends, family, or colleagues. As a subscriber, you can gift 3 to 5 articles each month that anyone can read—no subscription needed!
Communications and Information Minister Budi Arie Setiadi (left) and National Cyber and Encryption Agency (BSSN) head Hinsa Siburian attend a meeting with House of Representatives Commission I overseeing communications and information on June 27, 2024 at the Senayan legislative complex in Jakarta, about the Brain Cipher ransomware attack on temporary National Data Center facilities. (Antara/Dhemas Reviyanto)
I
ndonesia experienced yet another severe ransomware attack recently, one that targeted its National Data Center and crippled operations across hundreds of government agencies. The attackers demanded a US$8 million ransom, placing immense pressure on the nation's cybersecurity infrastructure.
This incident served as a stark reminder of Indonesia's vulnerability to cyber threats, which are expected to increase in frequency and sophistication in the coming years.
Ransomware attacks on information technology (IT) systems are increasingly common. A notable example is the 2017 NotPetya attack on Maersk, which disrupted the company's global network within hours, resulting in losses of approximately $300 million and highlighting the maritime sector's vulnerability to cyber threats.
This susceptibility was further accentuated by subsequent incidents, such as the January 2023 ransomware attack on DNV that affected 1,000 vessels, and the April 2023 attack that compromised the industrial control systems of US Navy contractor Fincantieri Marine Group, emphasizing the critical need for enhanced cybersecurity measures across industrial sectors.
In recent years, cyberattacks have evolved beyond targeting IT systems to focus on operational technology (OT) as well. For instance, attacks on sensor systems like GPS spoofing and LiDAR jamming can compromise navigation systems.
A cyberattack incident in June 2024 involved mass automatic identification system (AIS) spoofing in the Black Sea, where nearly 50 vessels broadcast their locations as Simferopol International Airport in Crimea and around 30 vessels broadcast their locations as Gelendzhik Airport near Novorossiysk, Russia. Such attacks on OT systems can have severe physical consequences.
Modern critical sectors increasingly rely on cyber-physical systems (CPS) that integrate cyber and physical functionalities to enhance efficiency, but also expose vulnerabilities. Attacks on CPS-reliant sectors, such as transportation, energy and health, pose significant risks to public safety, economic stability and national security.
