•   Home
  • News
  • • Recovery Efforts After Cyber Attack on PDNS 2...

Recovery Efforts After Cyber Attack on PDNS 2

  Editorial INTI     3 bulan yang lalu
1d5b5cbf52e3a6ad6977e2a3c0f3dda6e42ee8d24da69133d51b60412f7d1c18.jpg

Jakarta, INTI – The Ministry of Communication and Informatics (Kominfo), the National Cyber and Crypto Agency (BSSN), Telkom Sigma, and several ministries/agencies using the Temporary National Data Center (PDNS) 2 are gradually recovering the affected system services due to a cyber attack.

The Director General of Informatics Applications of the Ministry of Kominfo, Semuel A. Pangerapan, stated that the short-term recovery process is being carried out by restoring services at the Temporary Disaster Recovery Center (DRC) using backup data from PDNS 1 and PDNS 2.

"As of today, there are three services that have gradually recovered, namely immigration services, event licensing services of the Coordinating Ministry for Maritime Affairs and Investment, and LKPP services," Semuel explained in Central Jakarta, Tuesday (06/25/2024).

Service Recovery Process

According to Dirjen Semuel, efforts are currently being made to restore 282 PDNS 2 tenants. Director of Network & IT Solution at PT Telkom Indonesia Tbk, Herlan Wijanarko, explained that PDNS services are supported by two data centers located in Tangerang and Surabaya, as well as one DRC that acts as a cold backup in Batam.

"After the disruption at PDNS 2 Surabaya due to the Brain Cipher Ransomware attack, 282 tenants were affected. The short-term recovery process is carried out by restoring services at the Temporary DRC in Tangerang using available backup data," he explained.

In the medium term, Telkom Sigma and Lintas Arta will soon recover PDNS 2 quickly while the forensic process is ongoing. "In the long term, normalization of the overall architecture will be done once PDNS 2 is back in operation," Herlan said.

Ongoing Investigation

BSSN Spokesman Ariandi Putra explained that the preliminary forensic analysis found an attempt to disable Windows Defender security features starting on June 17, 2024, at 11:15 PM WIB, allowing malicious activities to run.

"Malicious activities began occurring on June 20, 2024, at 12:54 AM WIB, including the installation of malicious files, deletion of critical filesystems, and disabling of active services. It was discovered that on June 20, 2024, at 12:55 AM Windows Defender crashed and was unable to operate," he explained.

According to Ariandi, the BSSN team is still undergoing a comprehensive investigation after identifying the source of the Brain Cipher Ransomware attack, which is a new development of the Lockbit 3.0 ransomware. "Further analysis will be conducted on the ransomware samples involving other cybersecurity entities. This is important for lesson learned and mitigation efforts to prevent similar incidents," he said.

Importance of Collaboration and Coordination

The success in restoring the system services affected by the cyber attack is due to good collaboration and coordination among various parties. The swift recovery of services such as immigration, event licensing of the Coordinating Ministry for Maritime Affairs and Investment, and LKPP demonstrates the government's commitment to maintaining the stability of public services.

Additionally, the importance of having adequate DRC and backup data serves as a crucial lesson in facing future cyber threats. The experience from this attack is expected to raise awareness and preparedness among all parties in addressing potential cyber threats.

Public Support

The public is urged to remain calm and support the government's efforts in this recovery. "We ask for the support and prayers from everyone so that this recovery process runs smoothly and all services can return to normal as usual," Semuel said.

To support the development of the economy, technology, and the digital world, the Indonesia Internet Expo and Summit 2024 within Indonesia Technology and Innovation (INTI-2024) will be the perfect platform to see the latest innovations in technology and the internet. INTI is the largest exhibition and conference on technology and innovation in Indonesia. Follow and register yourself to get the latest information and participate in the event. https://inti.asia/

Ad

Ad