Indonesia ransomware attack disrupts digital services, govt rejects $8M demand

Indonesian officials have cross-checked A ransomware attack on Indonesia’s Temporary National Data Center (PDNS) has disrupted various digital public services, including immigration, since Thursday, June 20, 2024. The National Cyber and Crypto Agency (BSSN) confirmed the incident, which has impacted over 200 government agencies at both national and regional levels.

According to the head of BSSN Hinsa Siburian, efforts to address the disruption are ongoing in coordination with the Ministry of Communication and Information and other relevant parties. The hacking group behind the attack has demanded an $8 million ransom, which the government has refused to pay, the Washington Post reports. Authorities have admitted that they will not be able to recover the affected data, according to KOMPAS.com.

Samuel Abrijani Pangerapan, director general of Informatics Applications at Kominfo, emphasized the widespread impact of the attack, which has caused significant operational challenges across various government sectors.

In response to the disruption, Administrative and Bureaucratic Reform (PANRB) Minister Abdullah Azwar Anas held a meeting at the ministry office, with the focus on accelerating the targets of INA Digital following its recent launch, and urging that the ministry needs to receive more inputs from practitioners.

Assistant Deputy for Digital Transformation of Public Services Yanuar Ahmad highlighted the ministry’s push for integrated electronic public services through Digital Public Service Malls (MPPs) in eastern provinces. This initiative aims to streamline and enhance the efficiency of government administration, as directed by President Joko Widodo and the ministry.

Meanwhile, the country continues to adopt digital technologies, with a biometrics implementation by police. The Indonesian Traffic Police Corps (Korlantas Polri) has launched a new application for its Electronic Traffic Law Enforcement (ETLE) system, now equipped with facial recognition technology. The launch aligns with President Widodo’s broader vision for digital transformation, as outlined during the 2024 Electronic-Based Government System (SPBE) summit held at the State Palace in Jakarta.

The Indonesian government will have to hope the fallout from the ransomware attack does not undermine confidence in its attempt to advance digital initiatives to improve public service delivery and administrative efficiency.

National Police Headquarters responds to biometrics breach

Authorities say the leak of fingerprint biometric data from the Indonesian Automated Fingerprint Identification System (INAFIS) is old, but police will work with stakeholders to mitigate both the risk from leaked data and the risk of any further leaks, CNN Indonesia reports.

Indonesian officials have cross-checked data released to dark web forums for an asking price of US$1,000, and determined that it is old data held by the Indonesian National Police (Polri), but is not related to the hack on the PDNS.

This post was updated at 11:13am Eastern on June 26, 2024 to include new information about both breaches.

Article Topics

biometrics  |  cybersecurity  |  data privacy  |  digital government  |  INA Digital  |  Indonesia