Indonesia Loses the Majority of its Government Data to a Cyberattack; Devoid of Backups

Indonesia is facing significant data recovery challenges following a recent hack that damaged government systems. 

Officials revealed that the great majority of the targeted data was not backed up, hampering efforts to restore important information and exposing the government's inadequate cybersecurity measures. 

This incident emphasizes the need for reliable data backup methods and the growing threat of cyberattacks on government infrastructure.

Indonesia refuses to pay $8 million ransom after cyberattack on national data center https://t.co/MBgnFDlGTr

— TIME (@TIME) June 25, 2024

Indonesia is Shaking from the Worst Cyberattacks!

The worst cyberattack in the country in recent years occurred last week, disrupting several government systems, including immigration and major airport operations.

Indonesian President Joko Widodo ordered an inspection of government data centers on June 28 after officials revealed that the majority of data damaged by a previous ransomware cyber assault was not backed up, exposing the country's vulnerability to similar attacks.

What Aspects the Audit Will Cover?

In response to the cyberattack, Indonesia's state auditor stated that the Indonesian President directed it to examine the country's data centers.

Mr Muhammad Yusuf Ateh, Indonesia's development and finance controller, said the audit would cover "governance and the financial aspect" after attending a Cabinet meeting convened by Mr Widodo on June 28.

Mr Hinsa Siburian, an official who chairs Indonesia's cyber security organization known as BSSN, stated that 98% of the government data held in one of the two compromised data centers had not been backed up.

"Generally, we see the main problem as governance, and there is no backup," he told a parliamentary session late on June 27.

How Much Data Has Been Lost?

The government has stated that more than 230 public agencies, including ministries, have been affected, but has refused to pay the US$8 million ransom required to recover the encrypted data.

Indonesia's communications minister, Budi Arie Setiadi, stated that: 

“The ministry has backup capacity at the data centers, but it was up to government entities to use the facility.”

He further stated that: 

“Government entities did not back up the data owing to budget constraints and that this would soon become necessary.”

Ransomware offenders employ software to encrypt data and then demand payment from victims to restore it. According to Indonesia, the attacker in this event used Lockbit 3.0, an existing harmful malware.

Breach of Indonesia Automatic Fingerprint Identification System (INAFIS)

Date: June 22, 2024

Leaked by: MoonzHaxor on BreachForums

Summary:
MoonzHaxor, a member of BreachForums, has uploaded a significant data breach involving the Indonesia Automatic Fingerprint Identification… pic.twitter.com/jja3QfPy4C

— FalconFeeds.io (@FalconFeedsio) June 22, 2024

Indonesia's Data Breach Exposed Vulnerabilities!

The failure of data backups following a significant ransomware attack on Indonesian government entities reveals critical flaws in the country's cybersecurity system. 

This disaster affected hundreds of organizations, emphasizing the need for stronger data governance, robust backup systems, and a serious discussion about user privacy. 

In a cyberspace world, where personal information is constantly targeted, citizens need the freedom to govern their data and determine who gets access. 

You should get solutions like PurePrivacy to prevent identity theft and impersonation attacks.