Heaptalk, Jakarta — Indonesia’s Ministry of Communication and Informatics (Kominfo) has restored 30 public services affected by a cyber attack on the Temporary National Data Center (PDNS 2) in Surabaya, which Ransomware Brain Cipher attacked on June 20th, 2024.
The Coordinating Minister for Political, Legal, and Security Affairs, Hadi Tjahjanto, delivered, “Based on the results of mapping and validation carried out on 282 Ministries, Institutions, and Regional Governments, around 167 Ministries/Institutions and Regional Governments that were affected by cyber-attacks on PDNS 2. We have restored around 30 services from 12 Ministries/Agencies until Tuesday, July 9th, 2024.”
The government is still working on seven services from six Ministries, Institutions, and other Regional Governments, which are expected to be restored as quickly as possible. Further, the recovery of PDNS 2 services will be through the augmentation of the data backup availability at PDNS 3 (Cold Site) in Batam and local backup at PDNS 2 Surabaya.
As is known, the Ministry of Communication and Informatics has implemented a decryption strategy to restore the assets and services of affected ministries, institutions, and local governments by gradually and carefully addressing the obstacles. Previously, The Brain Cipher Ransomware gang officially granted a description key to access the encrypted data in PDNS for free.
“We will wait for the second party to confirm officially that the key is working and the data is restored. Only after that will we permanently delete the data. If the party says that they have restored the data on their own or with the third party’s backing, we will publish it,” the hacker affirmed.
Further, the Ministry continues implementing several strategies, from short, medium, and long-term strategies in renovating public services in PDNS 2 fully, consisting of:
- Short-term strategy: The National Cyber and Crypto Agency (BSSN), in collaboration with the State Police of the Republic of Indonesia (Polri).
- Medium-term strategy: The government targets deploying tenants and improving governance and Standard Operating Procedures (SOP) in August- September 2024.
- Long-term strategy: The government is conducting a security audit on PDNS 1 and PNDS 2 by an independent third party, scheduled to last until September 2024.
“This short-term strategy is an emergency recovery step that will take place in July – August 2024. Recovery is targeted at priority public services, such as immigration services. Regarding the long-term strategy, audit implementation will be carried out until November 2024,” Acting Director General of Information Applications of Indonesia’s Ministry of Technology and Informatics, Ismail, said.
