Post-Attack on PDN: What is the Level of Data Security in Indonesia, Which One Is Urgent to Fix

  Editorial INTI     3 bulan yang lalu
4f5a6a80bd176106458f34bce1f0a2742fee85977bd616e06763eec3a22bb1a6.jpg

Jakarta, INTI – Recently, Indonesia faced a shocking cyberattack known as Brain Cipher ransomware, which targeted the Interim National Data Center (PDNS) 2 in Surabaya. This cyberattack not only disrupted various public services but also highlighted the need for the government and related agencies to enhance cybersecurity in Indonesia. What is the current state of data security in Indonesia, and what needs urgent improvement?

The State of Data Security in Indonesia

According to a report from the National Cyber and Encryption Agency (BSSN), cyberattacks in Indonesia have surged significantly in recent years. In 2023 alone, more than 1.5 million cyber incidents were detected, a 35% increase from the previous year. These attacks targeted not only the private sector but also the public sector, which manages sensitive public data.

BSSN also reported that the most common types of cyberattacks are phishing, ransomware, and Distributed Denial of Service (DDoS). Specifically, the Brain Cipher ransomware that attacked PDNS 2 is a new variant of Lockbit 3.0, which had previously targeted several major organizations in various countries.

Impact of the Brain Cipher Ransomware Attack

The attack on PDNS 2 had a significant impact on public services. A total of 282 tenants, consisting of various ministries and government agencies, were affected. Among the disrupted services were immigration services, event licensing by the Coordinating Ministry for Maritime Affairs and Investment (Kemenkomarves), and services from the National Public Procurement Agency (LKPP).

Nezar Patria, Deputy Minister of Communications and Informatics, stated that the recovery team has been working intensively around the clock to restore the disrupted services. To date, several critical services, such as immigration and Kemenkomarves event licensing, have gradually been restored.

What Needs Urgent Improvement?

  1. Enhancing Security Systems: The Brain Cipher ransomware attack revealed vulnerabilities in the current security systems. Enhancing security systems, including updating security software and implementing stricter security protocols, is a top priority.
  2. Data Recovery and Backup: This incident underscores the importance of having reliable and well-planned data backup systems. PDNS 2 used backup data from PDNS 1 and PDNS 2 to restore services at the temporary Disaster Recovery Center (DRC) in Tangerang. More sophisticated and regular backup systems should be implemented to ensure data can be quickly recovered.
  3. Cybersecurity Training and Awareness: Increasing awareness and capability among employees in dealing with cyber threats is crucial. Regular training on identifying and responding to cyber threats should be conducted for all staff, both in the public and private sectors.
  4. Interagency Collaboration: Closer collaboration between the government, private sector, and international organizations is necessary to share information and strategies in facing cyber threats. BSSN and the Ministry of Communications and Informatics (Kominfo) need to strengthen cooperation with international cybersecurity agencies.
  5. Regulations and Security Standards: Updating and enforcing more comprehensive and stringent cybersecurity regulations and standards are needed to protect the nation's digital infrastructure. The government must ensure that all organizations comply with established security standards.

Recovery Steps

The recovery process is being carried out in several stages. In the short term, backup data from PDNS 1 and PDNS 2 is being used to restore services at the temporary DRC in Tangerang. Meanwhile, Telkom Sigma and Lintas Arta are responsible for medium-term recovery of PDNS 2 and conducting forensic analysis of the attack.

In the long term, the overall architecture normalization of PDNS 2 will be performed once all services are fully functional. These steps are expected to strengthen the security system and prevent similar attacks in the future.

The Importance of Cybersecurity in the Digital Era

Deputy Minister of Communications and Informatics, Nezar Patria, emphasized that this attack is an important lesson for all parties to enhance a safer digital transformation. "We must not be defeated or retreat just because of this incident. We certainly need to learn a lot and create a system that closes all possibilities of similar incidents recurring," he said.

According to him, cybersecurity issues have become extremely important in the era of increasingly connected technology and the internet. The World Economic Forum also mentioned that cybersecurity is one of the top five global risks that every country must pay attention to.

Conclusion

The Brain Cipher ransomware attack disrupted several important public services in Indonesia. However, with quick recovery measures and stringent mitigation actions, the government aims to ensure that similar incidents do not occur in the future. Increasing awareness of the importance of cybersecurity is essential to protect data and digital systems from increasingly sophisticated cyber threats.

To support the development of the economy, technology, and the digital world, the Indonesia Internet Expo and Summit 2024 within the Indonesia Technology and Innovation (INTI-2024) will be the right platform to see the latest innovations in technology and the internet. INTI is the largest technology and innovation exhibition and conference in Indonesia. Join and register yourself to get the latest information and participate in the event. https://inti.asia/

Ad

Ad