Heaptalk, Jakarta — In response to the cyber attack on the National Data Center (PDN), President of the Republic of Indonesia, Joko ‘Jokowi’ Widodo, instructed the Head of Financial and Development Supervision (BPKP), Muhammad Yusuf Ateh, to conduct an audit of the PDN.
“We will conduct an audit regarding the governance of the National Data Center. We are still looking for problem spots and analyzing the detailed amount of government agencies to be audited to determine how significant this cyber attack’s impact will be.” Yusuf affirmed,
In his further statement, Yusuf said that this audit step was the right way to discover potential governance errors and the impact of data leaks at PDN. He claimed that PDN had never been audited before. For this reason, the President urged the BPKP to audit by deepening PDN’s governance and finances.
“We will carry out the audit process as quickly as possible. Nonetheless, the audit completion would be executed for the undetermined period,” Affirmed Yusuf.
On June 20th, 2024, the National Data Center was attacked by malicious software called Lockbit 3.0 of the Ransomware Brain Cipher, disrupting the government’s critical data and dozens of public services, specifically immigration services at major airports. The attack was getting complicated as around 98% of the government data stored in one of the two compromised data centers had not been backed up, Head of Indonesia’s Cyber Security Agency (BSSN), Hinda SIburian, voiced.
The ransomware attackers demanded a USD8 million ransom to retrieve the encrypted data. Ignoring the demanded ransom, the Ministry of Communication and Informatics continues to execute data-restoring measures, expected to be accomplished in mid-August 2024. Nevertheless, around 43 service user agencies in several regions, consisting of 21 ministries/institutions, one province, 18 districts, and three cities, were saved as the data stored at PDN Surabaya was only the backed-up data.
