Indonesia’s communications minister faces pressure to resign following cyberattack

Avatar

Indonesia’s communications and informatics minister, Budi Arie Setiadi, is facing public pressure to resign following a large-scale ransomware attack on the country’s national data center that disrupted over 200 institutions, including government agencies.

A petition urging Setiadi to step down was signed by over 18,500 Indonesians since it was launched last week by the local digital rights organization Southeast Asia Freedom of Expression Network (SAFEnet).

“As a state institution responsible for data and information management, including security, the Ministry of Communication and Information Technology should also be held accountable for the current ransomware attack,” the petition said.

“For this reason, Setiadi must resign as a matter of responsibility and apologize publicly for this situation.”

The minister hasn’t responded to Recorded Future News’ request for comment. On Saturday, he told local news media that he would not comment on the petition. “It’s the public’s right to have a say,” he added.

The petition for Setiadi’s resignation was launched on the Change.org platform and sent to Indonesia’s communication ministry and the country’s president, Joko Widodo.

SAFEnet, a nonprofit established in Bali in 2013, promotes digital rights, organizes security training for vulnerable groups in Indonesia and Southeast Asia, and monitors freedom of expression on the internet. It also works with other digital rights groups across Southeast Asia on issues such as censorship, surveillance and internet access.

In its latest petition, SAFEnet is criticizing Indonesian officials for allowing the disruption of essential services, including immigration and operations at major airports, and for not properly communicating the situation to the public.

“The government is largely silent and not transparent about what is happening,” the petition said.

According to a report by The Jakarta Post, Setiadi’s ministry missed its target of restoring at least 18 institutions’ databases by the end of June , as only five institutions had their services restored and resumed activities by Sunday.

In the incident, Indonesia’s Temporary National Data Center (PDNS) was reportedly infected with Brain Cipher, a new variant of the notorious LockBit 3.0 ransomware, earlier last week. The hackers have demanded $8 million in ransom for decrypting the data, but the Indonesian government has refused to pay.

Officials haven’t revealed whether any information has already been leaked or if it will be possible to recover the encrypted data, which could include population data such as names, addresses and  personal identity numbers, as well as industry-specific information on national health programs and the education curriculum.

The investigation into the incident is still ongoing. This attack has been described as the worst in Indonesia in recent years.

Since the cyberattack, many of the affected services are still unavailable to the public, according to local media reports. In a statement to Reuters before the weekend, Setiadi said that government services should be fully restored by August. Widodo stated on Saturday that the operation of services will return to normal in July. 

Last week, Widodo ordered an audit of government data centers after local cyber officials reported that the data stored in one of the two compromised centers had not been backed up. 

Setiadi told local media that government agencies did not back up the data due to budget constraints, but he added that this would soon become mandatory.

GovernmentCybercrimeNewsPeople
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

Russia to ban 81 foreign media outlets in response to Europe’s sanctions

Next Post

Poland to probe Russia-linked cyberattack on state news agency

Related Posts

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor referred to as CookiePlus, are
Avatar
Read More