Indonesian government didn’t have backups of ransomwared data, because DR was only an option
Indonesia’s president Joko Widodo has ordered an audit of government datacenters after it was revealed that most of the data they store is not backed up.
The audit and revelation that Indonesia lacks a backup plan came in aftermath of ransomware attack on the nation’s Temporary National Data Center (PDNS) that took place on June 20th and resulted in widespread disruption of digital services.
Government officials communicated that a fresh variant of the LockBit malware, named Brain Cipher, was used in the attack.
“Just like other ransomware, it encrypts all data, all files on the server they attack,” Deputy Minister of Communication and Information Nezar Patria explained.
The data is being held hostage for 131 billion Rupiah (US$8 million.) Communication and Informatics Minister Budi Arie Setiadi told journalists the government does not intend to pay.
Authorities are instead attempting to decrypt the data.
The audit order reportedly came after a closed door government meeting last Friday and was announced to reporters afterward by head of the Financial and Development Supervisory Agency Yusuf Ateh.
A timeline for the audit wasn’t given, but Ateh did comment “The sooner, the better,” as auto translated from Indonesian Bahasa.
On the floor of Parliament [VIDEO] the head of the National Cyber and Encryption Agency (BSSN), Hinsa Siburian admitted no backup was made for 98 percent of the data stored in one of the two compromised data centers.
“This is not a governance issue, it’s a stupidity issue to have national data without a single backup,” responded Chair of the First Commission of the People’s Representative Council, Meutya Hafid.
According to Budi, backup capacity is available to government agencies at the datacenters – but using it is optional. Most agencies did not use it because of budget constraints, however, in the future it will become mandatory.
While not backing up data has played an obvious role in the struggle to get systems back online, vice president Ma’ruf Amin has credited the severity of the attack to the unification of institutions and ministry data.
“Once it was centralized, it turned out that once it was hacked, everyone was affected. I didn’t think hacking was so devastating in the past,” the vice president told reporters last Friday. ®
READ MORE HERE