Indonesia’s communications minister faces pressure to resign following cyberattack

Indonesia’s communications and informatics minister, Budi Arie Setiadi, is facing public pressure to resign following a large-scale ransomware attack on the country’s national data center that disrupted over 200 institutions, including government agencies.

A petition urging Setiadi to step down was signed by over 18,500 Indonesians since it was launched last week by the local digital rights organization Southeast Asia Freedom of Expression Network (SAFEnet).

“As a state institution responsible for data and information management, including security, the Ministry of Communication and Information Technology should also be held accountable for the current ransomware attack,” the petition said.

“For this reason, Setiadi must resign as a matter of responsibility and apologize publicly for this situation.”

The minister hasn’t responded to Recorded Future News’ request for comment. On Saturday, he told local news media that he would not comment on the petition. “It’s the public’s right to have a say,” he added.

The petition for Setiadi’s resignation was launched on the Change.org platform and sent to Indonesia’s communication ministry and the country’s president, Joko Widodo.

SAFEnet, a nonprofit established in Bali in 2013, promotes digital rights, organizes security training for vulnerable groups in Indonesia and Southeast Asia, and monitors freedom of expression on the internet. It also works with other digital rights groups across Southeast Asia on issues such as censorship, surveillance and internet access.

In its latest petition, SAFEnet is criticizing Indonesian officials for allowing the disruption of essential services, including immigration and operations at major airports, and for not properly communicating the situation to the public.

“The government is largely silent and not transparent about what is happening,” the petition said.

According to a report by The Jakarta Post, Setiadi’s ministry missed its target of restoring at least 18 institutions’ databases by the end of June , as only five institutions had their services restored and resumed activities by Sunday.

In the incident, Indonesia’s Temporary National Data Center (PDNS) was reportedly infected with Brain Cipher, a new variant of the notorious LockBit 3.0 ransomware, earlier last week. The hackers have demanded $8 million in ransom for decrypting the data, but the Indonesian government has refused to pay.

Officials haven’t revealed whether any information has already been leaked or if it will be possible to recover the encrypted data, which could include population data such as names, addresses and  personal identity numbers, as well as industry-specific information on national health programs and the education curriculum.

The investigation into the incident is still ongoing. This attack has been described as the worst in Indonesia in recent years.

Since the cyberattack, many of the affected services are still unavailable to the public, according to local media reports. In a statement to Reuters before the weekend, Setiadi said that government services should be fully restored by August. Widodo stated on Saturday that the operation of services will return to normal in July. 

Last week, Widodo ordered an audit of government data centers after local cyber officials reported that the data stored in one of the two compromised centers had not been backed up. 

Setiadi told local media that government agencies did not back up the data due to budget constraints, but he added that this would soon become mandatory.