Indonesia Refuses to Pay $8M Ransom After Cyberattack
A cybercrime group is demanding $8 million after compromising Indonesia's national data center — an amount the government is refusing to pay. Since June 20, more than 200 government agencies have been disrupted by the cyberattack, according to Samuel Abrijani Pangerapan, director general of informatics applications with the Communications and Informatics Ministry.
Pangerapan told the Associated Press that these agencies are at both the regional and national levels, and though some of them have returned to operations (such as immigration at airports), others are still not yet operational.
According to Herlan Wijanarko, Indonesia's director of network and IT solutions, the threat actors are holding data hostage and offering a key to access the information in exchange for the $8 million ransom.
However, Communications and Informatics Minister Budi Arie Setiadi told the AP that the government will not pay the ransom. Instead, the National Cyber and Crypto Agency is conducting forensics to help the center recover from the attack. The head of the crypto agency also noted that it detected a sample of LockBit 3.0 ransomware.
"The disruption to the national data center and days-long needed to recover the system means this ransomware attack was extraordinary," said Pratama Persadha, chairman of Indonesia's Cybersecurity Research Institute. "It shows that our cyber infrastructure and its server systems were not being handled well."
This is the most severe cyberattack on the country's government agencies and companies since 2017.
