TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Cyberattacks on the rise in 2021: SAFEnet report
As many as 193 digital attacks were recorded by SAFEnet in 2021, an increase of 38 percent from 147 attacks in 2020, according to SAFEnet.
Change Size
C
yberattacks in Indonesia were on the rise last year and increasingly targeted select groups such as activists, students, journalists and individuals, indicating alarming efforts to weaken civil society and curb critical opinions, a Southeast Asia Freedom of Expression Network (SAFEnet) report revealed.
As many as 193 digital attacks were recorded by SAFEnet in 2021, an increase of 38 percent from 147 attacks in 2020, according to SAFEnet. These attacks include hacking, data extraction, phishing, impersonation and doxing.
Most attacks took place in September, with 34 attacks reported that month, followed by 26 cyberattacks reported on May. According to SAFEnet, activists were frequently attacked last year, with 50 incidents reported, followed by individuals (34 incidents), students (27 incidents) and journalists (25 incidents).
SAFEnet executive director Damar Juniarto said the increased frequency of attacks in certain months “cannot be separated” from the national political situation in those months, pointing out the links between the frequency of the attacks and the ongoing public discourse at the time, namely the controversial civic knowledge test that was taken by the independent Corruption Eradication Commission (KPK) workers as part of their transition to civil servant status.
He went on to say that, in addition to the increase in frequency, cyberattacks in Indonesia had become increasingly political as they targeted select groups known to be critical of the government.
"Based on the data that we collected, digital attacks in Indonesia are becoming increasingly political, as a high number of attacks targeted critical groups, such as civil society organizations, activists, journalists and students. More than half of the attacks are targeted at them," Damar said in a webinar on Wednesday.
Hacking, referring to any attempt to control or access digital assets owned by the target of the cyberattack, were the most common form of digital attack, accounting for 70 percent of the attacks in 2021. This was followed by doxing, which accounted for 12 percent of the cyberattacks in SAFEnet’s report.
In addition, new types of cyberattacks have emerged such as Zoom bombing and SMS masking, as people rely more on digital platforms during the pandemic.
Commission for Missing Persons and Victims of Violence (Kontras) coordinator Fatia Maulidiyanti, who also spoke in the same webinar, said the increase in frequency of digital attacks on activists was partly caused by the pandemic, which forced many activities from civil society to be moved online. These attacks are believed to have been intended to intimidate activists into not providing a critical voice against the government, she added.
Not only were activists more likely to be targeted by digital attacks, they were also the group most prosecuted by the draconian Electronic Information and Transactions (ITE) Law, according to the SAFEnet report.
At least 10 activists were charged under the ITE Law last year, accounting for 26.3 percent of cases involving the ITE Law last year, marking the first time that activists had become the most prosecuted group since the law came into force in 2008, according to SAFEnet. In previous years, the most prosecuted groups were individuals.
SAFEnet also highlighted in its latest report that while digital attacks that targeted government agencies had declined from 38 incidents in 2020 to 17 incidents in 2021, such reported incidents in 2021 had significantly greater impact as the attacks focused primarily on breach of citizens’ data.
In May, the private information of more than 200 million Indonesians managed by the Health Care and Social Security Agency (BPJS Kesehatan) was believed to have been stolen and offered up for sale by alleged hackers.
The alleged BPJS Kesehatan data breach was one among many similar incidents that occurred last year, including the alleged breach of at least 10 government agencies, including the State Intelligence Agency (BIN), by China-based hackers. The breach was discovered by Insikt Group, the research division of threat intelligence company Recorded Future in April and was reported by cybersecurity publication The Record in September.
"Private data breaches repeatedly occurred last year. This should be an alarm for the government to fix cybersecurity in Indonesia," Damar said.
