Communication and Informatics Minister Budi Arie Setiadi: This Attack Has Paralyzed Us
Translator
Editor
6 July 2024 12:06 WIB
TEMPO.CO, Jakarta - Communication and Informatics Minister Budi Arie explains the cyberattack on the Temporary National Data Center. He dismisses allegations of negligence.
BUDI Arie Setiadi was in Singapore when he received reports that the Temporary National Data Center (PDNS) in Surabaya, East Java, was breached by hackers on Thursday, June 20. After meeting with TikTok executives, the Communication and Informatics Minister held a video teleconference with his team and representatives from Telkom that manage the data center. “I instructed them to focus on restoring public services,” Budi said.
A ransomware attack infected the data center in Surabaya, causing disruptions to the systems of the Directorate-General of Immigration under the Justice and Human Rights Ministry. Passengers faced long queues at immigration counters and delays in passport issuance services.
According to Budi, the ransomware that attacked the data center is a new type called LockBit 3.0. The Chair of Projo—a volunteer group supporting Joko Widodo and Prabowo Subianto—stated that he had reported the incident to the President. Budi claimed that Jokowi urged the Communication Ministry to be more vigilant in safeguarding data.
Budi dismissed accusations of government negligence in securing the data center, insisting that the breach occurred due to a hacker attack demanding a ransom of US$8 million, approximately Rp131 billion. “It’s hard to come up with US$8 million, Boss,” said the former Deputy Minister of Villages, Disadvantaged Regions Development, and Transmigration.
For over an hour, Budi explained the attack on the PDNS to Tempo reporters Sunudyantoro, Erwan Hermawan, Hussein Abri Dongoran, Francisca Christy Rosana, Egi Adyatama, and Yosea Arga Pramudita. He assured that cyberattacks on the government would not stop at the ransomware attack. “We receive 10,000 attacks every day,” he said. Excerpts of the interview:
Was the government negligent in protecting the Temporary National Data Center? We received information that there were warnings before the attack occurred.
There wasn’t any negligence. This is an attack. Whether this results from negligence or not, it’s a matter of perception. This case is the result of an attack. It’s like when you fall, is it because you are hit, or you slip? If we are not prepared when we are hit that’s another matter.
When exactly did the ransomware attack hit?
In the early morning of Thursday, June 20.
Why did the government only announce the incident to the public four days later?
No, let's not speculate. We know the date of the attack, and I know exactly when it happened.
We heard that an employee of the ministry carelessly clicked on a link that became the entry point for the ransomware. What is your response to this?
No, no. This is not because of negligence or carelessness. Once again, this is a disaster and an incident.
Several sources said the link the ministry employee clicked was the beginning of the attack.
As I said, if you don’t brace yourself and you get hit, you’ll fall. Is this negligence? No, not in my opinion. It’s just suddenly being attacked. Like the lyrics of a dangdut song, “Fate, oh fate, why did it happen this way?”
How did the ransomware enter?
We will find out these details later on. Why should I explain it to Tempo? It is the institution’s Internet protocol address and we have the number. In essence, this is not due to negligence but because the perpetrators are of a very high caliber. The attack has paralyzed us.
Who are the perpetrators?
There are two types of actors in a cyberattack like this: a state actor and a non-state actor. The characteristics that we identified in this attack point to a non-state actor. This is different from the situation of Saudi Arabia and Iran some time ago. Those were country against country.
Which non-state actor group was behind this attack?
It could be foreign or local. All conspiracy theories will go around, but everything will be revealed in time. Right now, we are prioritizing (data) recovery, and it’s been going quite well.
Why do these digital attacks happen repeatedly? Before this case, there were Bjorka and Strovian who breached important government data.
Everyone has experienced it, be it big or small. (This is) neither small nor big. It’s just bad luck.
It’s the government that has been neglectful of our data security.
No. Like other cyberattacks, they will never stop. For your information, we face 10,000 cyberattacks every day. That’s why as soon as we were hit by this ransomware, I asked the internal scope to be on alert. It’s impossible to hope for these attacks to stop. We have to strengthen and protect ourselves.
Why hasn’t the government apologized for this attack and the resulting disruptions to public services?
As soon as it happened, we apologized. We immediately expressed our apologies to the public.