The government of Indonesia has suffered a ransomware attack that crippled many of its organizations and caused quite a nuisance for its citizens - but says it won't be held to ransom
Government officials confirmed its National Data Center (PDN) was struck on June 20, with the attack apparently organized by an affiliate of LockBit, with the encryptor used was LockBit 3.0, with some saying the variant’s name is Brain Cipher.
At least 210 national institutions were affected by the incident, The Register reported, citing local media, including the nation’s immigration office, which led to problems in issuing passports, visas, residence permits, and similar - leading to long lines at airports around the country.
Not paying up
Remedying a ransomware attack can be done in two ways - either the victims pay up and (hope to) get the decryption key which allows them to resume operations, or they restore an airgapped backup and then negotiate about stolen files.
The country’s officials didn’t say if the ransom had been paid or not. The attackers asked for roughly $8 million in cryptocurrency.
Besides Business Email Compromise (BEC), ransomware remains one of the most destructive and disruptive cyberattack methods out there. Hundreds of hacking collectives are buying access to important institutions from initial access brokers, and then renting out ransomware encryptors from different ransomware-as-a-service providers, such as LockBit.
They then proceed to exfiltrate sensitive data from the victims, before encrypting all files. That way, should the victims restore their systems from a backup, the attackers would still have sensitive data which they can threaten to release online unless a payment is made.
Via The Register
More from TechRadar Pro
- How can businesses best mitigate against ransomware threats?
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now