Key Points:
- President Widodo mandates an audit of government data centers following a severe ransomware attack.
- The attack affected over 230 public agencies, disrupting services like immigration and airport operations.
- Lack of data backup was identified as a major problem, with criticisms of governance and budget constraints.
- Communications Minister Budi Arie Setiadi faces calls for resignation and social media backlash.
Indonesian President Joko Widodo has mandated an audit of government data centers after a recent ransomware attack exposed significant vulnerabilities in the country’s digital infrastructure. The attack considered the worst cyber incident in Indonesia in recent years, disrupted several government services, including immigration and operations at major airports.
The cyberattack affected more than 230 public agencies, including various ministries. Despite the attack, the Indonesian government has refused to pay the $8 million ransom demanded by the hackers to retrieve the encrypted data. President Widodo has instructed the state auditor to thoroughly examine the country’s data centers.
Muhammad Yusuf Ateh, head of Indonesia’s Development and Finance Controller (BPKP), stated that the audit would focus on the governance and financial aspects of the data centers. This decision follows revelations from Hinsa Siburian, head of Indonesia’s cyber security agency (BSSN), who reported that 98% of the government data stored in one of the compromised data centers had not been backed up. Siberian identified governance issues and the lack of data backup as the main problems.
However, some lawmakers were critical of this explanation. Meutya Hafid, chair of the parliamentary commission overseeing the incident, dismissed the lack of backup as mere “stupidity” rather than a governance issue. The BSSN has not responded to queries about possibly recovering the encrypted data.
Communications Minister Budi Arie Setiadi explained that while the ministry provided backup capacity at the data centers, it was optional for government agencies to use the service. He attributed the lack of data backups to budget constraints but indicated that this practice would soon be mandatory.
The cyberattack has led to widespread criticism of Minister Budi on social media. Digital advocacy group SAFEnet has started a petition calling for his resignation, citing repeated cyber attacks under his watch. In response, Budi shared a separate petition advocating for him to remain in his position. He told parliament the attack was believed to be perpetrated by a “non-state actor” seeking financial gain and assured that government services should be fully restored by August. Ransomware attacks involve hackers encrypting data and demanding payment for its restoration. In this incident, the attackers used an existing malicious software known as Lockbit 3.0.
