[ad_1]
go through Irving Renaldi and Natasha Salim
(ABC – Australia) The hackers behind a massive cyberattack on the Indonesian government have unexpectedly apologized and offered to release stolen data.
Last month’s attack on a government data center disrupted immigration checks at airports and affected more than 230 government agencies and services across the country.
Critical data systems are locked down and encrypted, and there are concerns that personal and sensitive data could be compromised.
The attack was carried out by a group called “Brain Cipher,” according to Indonesia’s National Cyber and Cryptography Agency.
Cybercriminals demanded a ransom of nearly $12 million, but the Indonesian government refused to pay.
But the group later issued a public statement on its website on Tuesday, apologizing and promising to provide the decryption key “free of charge” by Wednesday.
“We hope that our actions will make it clear to you how important it is to fund the industry and recruit qualified experts,” the statement said.
“Our attack had no political backing, it was just a post-paid penetration test.
“Fellow Indonesian citizens, we sincerely apologize for the impact this has had on everyone.”
They also called on the Indonesian government to publicly express its “gratitude” for the group’s “independent” decision.
“If a government representative thinks it’s wrong to thank the hackers. You can do it privately at the post office.”
It is unclear whether the group has followed through on its promise.
Attack exposes Indonesia’s ‘weak’ cybersecurity
The Indonesian government was criticized following the attack, particularly for failing to back up large amounts of data.
Jakarta lawmaker Meutya Hafid said the attack was a “stupid act”.
Indonesian Minister of Communications and Information Technology Budi Ali Setiadi said in a statement that while Indonesia’s data centers have backup capabilities, government agencies can choose whether to use the service.
He said government agencies were not yet backing up data due to “budget constraints” but that it would soon be mandatory.
Cybersecurity analyst Alfons Tanujaya said Indonesia’s cybersecurity is “weak”.
“It’s about political structures, the way data is perceived and the rapid pace of digitisation,” he told the ABC.
Tanujaya said part of the problem is that officials responsible for managing the data are often political appointees who got their positions through bargaining during elections rather than qualified professionals.
The ABC has contacted Indonesia’s communications minister for comment.
Mr Tanujaya said the apology statement was “unexpected” but appeared genuine.
“I think the hackers are only apologizing for causing many Indonesian citizens to lose access to their data, and are not necessarily sorry for what they did,” he said.
According to Indonesian investigative magazine Tempo, more than 400 million cyber attacks occurred in 2023, compared to 370 million in 2022.
Many of these used phishing techniques, where victims downloaded malware embedded in email links.
related
[ad_2]
Source link
