NPWP Data Breach: Is Indonesia's Cybersecurity System Outdated?

  Editorial INTI     1 bulan yang lalu
9489743a1071741ef08e5fc342d7b513df880fbe54dd60a654fc18f9fc8630ce.jpg

Jakarta, INTI - The recent breach of Nomor Pokok Wajib Pajak (NPWP) data involving several high-ranking officials in Indonesia has shocked the public. This incident raises concerns about the level of cybersecurity in Indonesia, particularly in protecting citizens' personal data. In the rapidly evolving digital age, data security is a crucial issue that cannot be ignored. But why do these breaches continue to happen? Is Indonesia's cybersecurity system outdated and incapable of handling increasingly sophisticated attacks?

Surge in Data Breaches in Indonesia

Data breaches are not new in Indonesia. Over the past few years, similar incidents have occurred. For example, in 2020, a breach involving the healthcare system BPJS Kesehatan exposed more than 200 million personal records. In 2021, data from 1.3 million customers of the e-commerce platform Tokopedia was leaked and sold on the dark web. These incidents reveal significant gaps in Indonesia’s cybersecurity system, which should be the first line of defense against cyberattacks.

Is the Cybersecurity System Outdated?

Indonesia’s cybersecurity system is largely managed by government entities and public institutions, which are expected to have the capacity to protect sensitive data. However, many believe that the security technology being used is outdated and unable to cope with modern cyber threats.

The technology currently in place tends to rely on security protocols that have been in use for years, while hackers continuously develop new methods to bypass these systems. Major tech companies around the world have transitioned to more advanced data protection technologies, such as end-to-end encryption, artificial intelligence (AI), and multi-factor authentication (MFA). Unfortunately, many systems in Indonesia still rely on more traditional, easily penetrable approaches.

Technological Challenges in the Digital Era

As technology rapidly advances, cyber threats are also escalating. According to a report by Norton Cyber Security, cyberattacks increased globally by 30% in 2022. In Indonesia, the National Cyber and Crypto Agency (BSSN) reported more than 1.6 billion cyber threats in 2021. This is an increase from 1.2 billion threats in 2020, indicating that Indonesia has become a serious target for cyberattacks.

One of the biggest problems is the inability of legacy systems to detect and block zero-day attacks, which exploit unknown security vulnerabilities. This is one of the reasons why the NPWP data breach occurred.

Weak Policies and Regulations

In addition to outdated technology, Indonesia’s data protection regulations remain inadequate. The Personal Data Protection Bill (RUU PDP), which has been under discussion for years, has yet to be passed, leaving legal loopholes that can be exploited by those who wish to use personal data illegally. Even government institutions often lack strict protocols for handling citizens’ personal data.

With the increasing urgency of data protection, the Indonesian government should expedite the passage of the PDP Bill and ensure the implementation of data protection technologies in line with international standards.

Solutions to Prevent Future Data Breaches

To prevent a recurrence of breaches like the NPWP case, more advanced technological solutions must be implemented. Some of the solutions include:

  1. Stronger Data Encryption: Utilizing advanced encryption technologies to make stolen data difficult to read without a special key.
  2. AI for Early Detection: AI-based systems can detect threats before attacks happen, providing enough time for relevant institutions to respond.
  3. Multi-Factor Authentication (MFA): Implementing MFA means every access to sensitive data requires multiple verification layers, making it harder for hackers to break in.
  4. Cybersecurity Education and Training: A well-trained workforce is essential. Intensive training for government staff and private sector employees can strengthen the ability to deal with cyberattacks.

The NPWP data breach serves as a stark warning about Indonesia's cybersecurity system. In a world increasingly reliant on digital infrastructure, data protection technologies must be continuously updated to face increasingly sophisticated cyber threats. If this is not done, not only officials but all citizens will be vulnerable to data breaches. It’s time for Indonesia to step up and take serious measures to improve its digital security.

Ad

Ad