Hacker Demands $8 Million Ransom After Cyber Attack On Indonesia’s Data Centre

A cyberattack on Indonesia’s national data centre compromised hundreds of government offices and caused long delays at the capital’s main airport, with the hacker demanding an $8 million ransom, officials said Monday.

Long queues formed at immigration gates at Jakarta’s Soekarno-Hatta International Airport last week after systems went down in the attack, carried out using software developed by Russian ransomware outfit LockBit, an official from the communications ministry said.

The attack “affected 210 institutions at the national and local levels,” senior official Semuel Abrijani Pangerapan told reporters on Monday, adding a dark web hacker had demanded a $8 million ransom.

He added that immigration services were returning to normal on Monday morning and work was being done to restore other affected services.

Authorities are still investigating the ransomware, known as Brain Cipher, which made government data inaccessible due to encryption, he said.

LockBit and its affiliates have targeted governments, major companies, schools and hospitals, causing billions of dollars of damage and extracting tens of millions in ransoms from victims.

Typically, their programmes — once inserted by the ransomware operator into a target’s IT systems — are manipulated to freeze, via encryption, the target’s files and data.

The United States, Britain and Australia last month unveiled sanctions against the leader of LockBit, which they accuse of extorting billions of dollars from thousands of victims.

The group was responsible for a quarter of all ransomware attacks worldwide last year, and has extorted “over $1 billion from thousands of victims globally,” according to the UK government.

The top five countries hit by LockBit were the United States, Britain, France, Germany and China, according to Europol, the European Union’s law enforcement agency.

Indonesia has a weak cyber security record, with poor online literacy and frequent leaks.

In 2021 during the Covid-19 pandemic, researchers for encryption provider vpnMentor revealed the data of 1.3 million users of a government test-and-trace app had been compromised.

The reveal came just months after the data of more than 200 million participants of the National Health Care and Social Security Agency (BPJS Kesehatan) was allegedly leaked by hackers.