The data breach, linked to a hacker identified as “Bjorka,” is the latest in a series of cyberattacks targeting critical state and private institutions, including Indonesia’s armed forces and the police. These persistent cyberattacks have exposed the fragile state of the country’s cybersecurity systems and have left authorities scrambling to stem the tide.
Thousands of Documents Stolen
The latest breach came to light last week after an unidentified Telegram user claimed to have stolen thousands of documents, including letters from BIN to President Widodo, Jakarta Globe reported. Bjorka reportedly posted nearly 680,000 documents on breached.to, an illegal forum where stolen data is sold. According to Indonesian analysis group D-insights, the trove of data includes a letter from BIN about Indonesia’s 74th Independence Day celebration in 2019. This is not Bjorka’s first run-in with the Indonesian government. Earlier this month, the hacker claimed to be behind a cyberattack that exposed 1.3 billion SIM card registration details. The same threat actor stole 20 GB of personal information from about 105 million Indonesian citizens, possibly from the country’s electoral commission. It is unclear how Bjorka got access to crucial Indonesian state databases. Bjorka reportedly had billions of leaked credentials they used for these malicious exploits, the dark web criminal intelligence platform, DarkTracer, revealed on Twitter. In 2021, Bjorka “created and operated a leaked data search engine site called “leaks[.]sh.”” Twitter has suspended Bjorka’s account, but several accounts have popped up, claiming to be the notorious hacker.
Conflicting Statements, Mounting Pressure
Meanwhile, a presidential spokesperson has denied reports about the stolen correspondence of Indonesia’s leader. “There are no data or letters that have been hacked. But of course, any attempt to break into [the government data system] is against the law and I think law enforcement agencies will take action,” The Head of The Presidential Secretariat, Heru Budi Hartono, said on Saturday. However, at a press conference on Monday, Mahufud MD, the Coordinating Minister of Politics, Law, and Human Rights, confirmed that there had indeed been a cyberattack that exposed some documents. But he insisted that the compromised documents do not contain any confidential data. In the aftermath of the recent data breaches, there is growing pressure on Indonesia’s Minister of Communication and Information Technology, Johnny G. Plate, to resign. Critics say the ministry has failed to take action to combat the rampant cyberattacks. According to INTERPOL’s ASEAN Cyberthreat Assessment 2021 report, Indonesia is one of the top targets for cybercriminals among ASEAN countries, with nearly 750,000 phishing attacks and 1.3 million ransomware attacks in 2020. Southeast Asian countries have chalked remarkable economic growth in recent years, and the cybersecurity threats facing these countries appear to have also increased significantly. To learn more about threats, check out our in-depth guide to phishing, business e-mail compromise, ransomware, and cryptojacking.
