TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Ransomware and its impact on bank secrecy
While it is understandable for authorities to require banks to disclose their secrets in the public interest, the increasing frequency of cyber incidents underscores the need for caution
Change text size
Gift Premium Articles
to Anyone
Share the best of The Jakarta Post with friends, family, or colleagues. As a subscriber, you can gift 3 to 5 articles each month that anyone can read—no subscription needed!
Cashing in: A customer of Bank Syariah Indonesia (BSI) withdraws cash at an ATM in Meulaboh, West Aceh regency, Aceh, on May 14, 2023. The bank’s president director, Hery Gunardi, said the bank’s services had resumed after a series of cyberattacks from May 8 to May 11. (Antara/Syifa Yulinnas)
R
ansomware has struck again, this time targeting a temporary national data center (PDNS) and exposing vulnerabilities in our government's digital infrastructure. The attack, which disrupted several government databases, has sparked widespread public attention and debate.
In response, the Indonesian Consumer Community (KKI) has filed a legal action against the communications and information minister with the Jakarta State Administrative Court, accusing him of failing to prevent and mitigate the devastating impacts of the cyber assault.
At first glance, the PDNS doesn't appear to have any direct connection to banking institutions. Interestingly, its impact on banking services has also become a concern for the government. Media outlets have reported that the Financial Services Authority (OJK) has reassured the public that Indonesia's banking services remain secure. This is because the banking industry is not linked to the PDNS system.
While this reassurance is crucial to maintain public trust in the financial sector, it raises a critical question: What happens if a similar attack targets other institutions? Will the OJK need to reaffirm the security of banking services every time a government entity is breached?
Determining whether a cyberattack outside the banking system automatically excludes confidential banking information is far from straightforward. Although prevailing laws strictly govern bank secrecy, financial data can still be stored outside of banks.
This is due to the interconnection of banking transactions with other sectors in the financial services industry. Moreover, several provisions allow exceptions to bank secrecy, further complicating the issue.
This situation calls for increased vigilance when it comes to safeguarding confidential information within the banking sector. While it is clear that banks are required to uphold strict confidentiality, important questions persist. Just how stringent are these obligations, and how effectively are they regulated?
