Indonesia's national data center has fallen victim to a cyberattack by a hacking group demanding an $8 million ransom. The attack, which began last Thursday, has disrupted services for over 200 government agencies at both national and regional levels.
Efforts are underway to restore affected services, with some already back online such as immigration services at airports. However, challenges remain in restoring services like investment licensing.
The attackers have encrypted data and are seeking the ransom in exchange for a decryption key. Authorities, in collaboration with PT Telkom Indonesia, are working to investigate and break the encryption to regain access to the data.
The government has made it clear that they will not pay the ransom, focusing instead on recovery efforts and forensic investigations by the National Cyber and Crypto Agency.
The cyberattack has been identified as a Lockbit 3.0 ransomware attack, marking the latest in a series of ransomware incidents targeting Indonesian government agencies and companies since 2017.
Experts have highlighted the severity of this attack, emphasizing the need for better cyber infrastructure management and backup systems to mitigate such incidents in the future.
Previous cyber incidents in Indonesia include a ransomware attack on the central bank in 2022 and a hacking incident on the health ministry's COVID-19 app in 2021, exposing sensitive data of millions of individuals.
Last year, a hacker group known as LockBit ransomware claimed to have stolen a significant amount of data from Indonesia's largest Islamic bank, Bank Syariah Indonesia.
