Heaptalk, Jakarta — Archipelago’s data center, the National Data Center (PDN) in Surabaya, recently faced a cyberattack using the Lockbit 3.0 type of Brain Cipher Ransomware, which disrupted the critical data of Indonesia’s government. Consequently, this hacker attack has paralyzed dozens of public services, including immigration in Indonesia, since last Thursday, June 20th, 2024.
The hacker is known to have encrypted around 282 data and demanded a ransom of around US$8 million, approximately Rp131 billion. Nevertheless, Indonesia’s Ministry of Communication and Informatics (Kominfo) ignored the demand and opted for an independent way to restore public data in the PDN. The government executed one mitigation measure by temporarily migrating immigration services to Amazon Web Services (AWS).
“We were forced to migrate data to AWS. While awaiting National Data Center (PDN) recovery, the emergency solution was to use Amazon for an undetermined period until completely recovered,” Indonesia’s Minister of Law and Human Rights, Yasonna Laoly, said.
While the hacker attacked the country’s immigration services, the CEO of desktopIP, Phidi Soepangkat, perceived this incident as an attempt to undermine Indonesia’s digital image internationally. By creating an adverse experience for foreign nationals, the attackers aimed to bring a rotten global perception of Indonesia’s technological capabilities and data security governance.
“The attack on immigration is intended to create a terrible impression of Indonesia’s data management among foreign nationals regarding its own data center. This incident was aligned with the digital sovereignty matter; I have predicted this attack would happen,” Phidi said.
Indonesia’s Digital Sovereignty being questioned
In response to the government’s measure of data migration in Amazon, Phidi considered that this attempt raises significant questions regarding Indonesia’s digital sovereignty as the government is still unable to gain full control over the backed-up data. Despite the sophistication of foreign technology, Indonesia will never be utterly sovereign if foreign parties still fully control technology and data storage channels.
“True digital sovereignty means possessing exhaustive control over the technology and data. Indonesia will always be vulnerable to such cyber attacks if the aspects of implementation remain diminutive,” the CEO of desktopIP affirmed.
According to Phidi, digital sovereignty lies in full control over multiple aspects: data, access, location, cost, and technology. To minimize similar issues, he underscored the importance of local players in the digital space. He argued that the Indonesian government needs to reconsider its approach and shift its mindset, ensuring that local technology companies are involved and supported in clearing up the trouble.
As one of the strategic options, he also considered a collaborative approach where local companies could work alongside foreign ones but maintain control over critical components. This strategic alliance would ensure that while foreign investments and technologies are utilized, Indonesia preserves the core control and understanding of the systems.
“When discoursing digital sovereignty, do they truly understand its meaning? As of today, I have observed that Indonesia’s concept of digital sovereignty only lies in the physical location of data storage within the country. If we develop the technology independently, we could deceive hackers by choosing diverse locations, even overseas, to store critical data. It is all about strategy and mindset in risk mitigation. The National Data Center (PDN) will never be entirely secure if our way of thinking and mentality do not change.” CEO Phidi Soepangkat voiced.
Amplifying core competencies
Aligned with Phidi’s statement, Tresna Apriansyah, the COO of desktopIP’s subsidiary Mocaas TV, emphasized that the time has come for the government and all stakeholders in Indonesia to begin reinforcing core competency in the context of technological independence. He stressed the significance of government and private sector collaboration in strengthening national technology infrastructure.
“Regarding the data integration, this is only the top layer mechanism where everyone can carry out data integration. Most importantly, where will the data end up and be saved? These should run in parallel. The archipelago’s government and all stakeholders should be aware of this. Now is the moment to transition towards boosting core competency, in terms of Indonesia’s technological independence, where Indonesia’s data sovereignty must be strengthened,” he added.
As one of the local companies, Tresna revealed that DesktopIP, with its made-in-Indonesia technological infrastructure, can strengthen the Jokowi-led country’s technological independence, demonstrated by accomplishing the Domestic Level (TKDN) of over 85% for its two products, including a cloud storage Jaybod (87.71%), and a cloud computing infrastructure ifVirty (83.28%). For this reason, he looks forward to the government’s solemnity in proving that the platform built by the nation’s children is reliable, eventually unlocking Indonesia to be a producer and foreign market expansion.
“TKDN is not merely our accomplishment in getting high scores; it shows that we, as local players, managed to develop our core in technology independently.” Tresna Apriansyah in his closing statement.
