Hackers have compromised Indonesia’s national data centre and demanded a USD8 million ransom. The attack disrupted some government services, including at airports last week.
Anne Cutler, Cybersecurity expert at Keeper Security, said protecting critical infrastructure from cyberattacks is as important as protecting it from physical attacks because the consequences can be equally disastrous.
“The recent cyber attack on Indonesia’s national data centre serves as a reminder of this reality,” she said. “This attack may not only have potentially compromised sensitive government data but also put national security at risk. The tangible impact was evident, disrupting airport operations and highlighting how cyber attacks on critical infrastructure can have immediate and significant consequences for Indonesians.”
“Although the investigation is still underway into how threat actors were able to successfully deploy the Lockbit ransomware, human error remains a significant weakness for organisations, with the majority of breaches involving stolen credentials, phishing attacks, misuse or simple user error.”
“In the past when this hacker group has claimed to have information, they have provided at least a sample to prove they have the data,” said Thomas Richards, Principal Security Consultant at the Synopsys Software Integrity Group. “With no actual information provided, and no confirmation from the Federal Reserve of the US Government, the claims might not be accurate. If they were able to breach the FRB and gain access to such sensitive information, the release could be damaging to our financial system.”
“The victims of ransomware attacks are advised against paying the ransom as paying the ransom does not ensure that threat actors won’t release your data or that the data will be decrypted,” said Kelvin Lim, Senior Director of Security Engineering at Synopsys Software Integrity Group. “Threat actors can also consider you as a soft target and launch another attack in the future. The victim should instead focus their resources on recovery from the attack and improving their cyber security posture against future attacks.”