JAKARTA, Indonesia- Indonesian President Joko Widodo has ordered an urgent audit of government data centers on Friday after a crippling ransomware attack exposed the country’s significant cybersecurity vulnerabilities.
The attack, described as Indonesia’s worst in recent years, disrupted critical government services, including immigration and major airport operations.
Last week’s ransomware assault hit over 230 public agencies, including key ministries, paralyzing numerous services.
Despite an $8 million ransom demand, the government stood firm, refusing to pay for the decryption of the compromised data.
This decision left many services in limbo and sparked an immediate response from state auditors and cybersecurity officials.
Responding to the attack, Indonesia’s state auditor announced that President Widodo had instructed a comprehensive examination of the country’s data centers.
Muhammad Yusuf Ateh, head of Indonesia’s Development and Finance Controller (BPKP), stated the audit would focus on both governance and financial aspects.
This directive followed a cabinet meeting led by the president, underscoring the urgency of the situation.
Governance Failures and Lack of Backups
Hinsa Siburian, head of Indonesia’s cyber security agency (BSSN), revealed a startling fact: 98pc of the government data stored in one of the two compromised data centers lacked backups.
“The main issue is governance, and there is no backup,” he told a parliamentary hearing. This lack of preparedness was met with harsh criticism from lawmakers. Meutya Hafid, chair of the commission overseeing the incident, bluntly stated, “If there is no backup, that’s not a lack of governance. That’s stupidity.”
Despite these harsh words, Budi Arie Setiadi, Indonesia’s communications minister, defended the government’s stance.
He admitted that while backup services were available, they were optional due to budget constraints.
He assured that this policy would soon change, making backups mandatory to prevent future incidents.
The cyberattack, attributed to the notorious Lockbit 3.0 ransomware, has sparked widespread criticism of Minister Budi on social media.
Digital advocacy group SAFEnet even launched a petition calling for his resignation, accusing him of neglecting his responsibilities amid repeated cyberattacks.
Budi, however, remained defiant, circulating a counter-petition supporting his continuation in office.
In a bid to reassure the public and lawmakers, Budi informed parliament that a “non-state actor” motivated by financial gain was behind the attack.
He promised that all affected government services would be fully restored by August.
Ransomware attacks, where malicious software encrypts data and demands payment for its release, have become increasingly common and devastating.
This incident has been a wake-up call for Indonesia, emphasizing the critical need for robust cybersecurity measures and reliable data backup systems.
Indonesia’s recent ransomware attack has laid bare the country’s cybersecurity weaknesses, prompting immediate government action and widespread calls for accountability.
As the nation scrambles to recover, this incident is a great reminder of the importance of proactive cybersecurity measures and the necessity of comprehensive data backups.