June 26, 2024
JAKARTA – The government will not pay the US$8 million ransom demanded by attackers responsible for the ransomware attack at two temporary National Data Center (PDN) facilities since last week that disrupted public services.
The facilities were subject to a cyberattack last week, as confirmed by the National Cyber and Encryption Agency (BSSN) on Monday, resulting in the disruption of immigration services and other public services.
The attackers used Brain Cipher, an update of the LockBit 3.0 ransomware, the variant reportedly used by hacker group LockBit in a similar attack last year on state-owned sharia lender Bank Syariah Indonesia (BSI).
They also demanded an $8 million ransom, according to state-owned telecommunications firm PT Telkom Indonesia. The company’s subsidiary Telkomsigma operates the temporary PDN facilities in Jakarta and Surabaya, East Java.
But the government “will not pay” the ransom, Communications and Information Minister Budi Arie Setiadi said at the Presidential Palace in Jakarta on Monday, as reported by Kompas.
But the minister was reluctant to reveal the identity of the hackers, asserting that more details on the latest cyberattack would be announced following the BSSN investigation.
“We are still evaluating [and] are trying our best to restore [the system],” Budi added.
“The important thing is that public services can resume,” he continued, claiming that public data remained safe despite the disruption.
In a press briefing on Monday, the ministry said around 210 databases belonging to central government and regional administration institutions were impacted by the attack, which was first reported on Thursday.
As of Monday, several agencies, including immigration offices, the Office of the Coordinating Maritime Affairs and Investment Minister and the city of Kediri in East Java, have had their access to the databases restored and have resumed public services.