The Indonesia Ministry of Communications announced that hackers targeted the National Center for Processing by using the Mount Program to encrypt systems. This attack led to disruptions in the functioning of immigration checks at airports and other public services.
The Temporary National Data Center’s systems, PDNS, were compromised by a new variant of the LockBit 3.0 ransomware program. The attack, as reported by CNBC Indonesia, could potentially result in data leaks from state institutions and local authorities.
The Ministry of Communications stated that the hackers demanded an $8 million ransom for the data decryption. The government made it clear that they would not give in to the extortionists’ demands.
The cyberattack began on June 20, affecting various services including visa and residence permit registration, passport services, and immigration document controls. This caused airport immigration queues to grow. By June 24, most affected immigration services were restored, and crucial data was moved to the cloud.
Additionally, the attack impacted the platform used for online payments to schools and universities, leading to a registration extension by the regional government. Overall, the ransomware disrupted the operations of at least 210 local services.
Initial findings reveal that the attack commenced with the disabling of the Windows defender security feature on June 17 at 23:15 local time. This enabled harmful activities to persist, with the attackers installing malicious files, deleting important data, and disabling essential services. Key data storage files like VSS, Hyperv Volume, Virtualdisk, and Veaam Vpower NFS were tampered with. The Windows defender ceased functioning on June 20 at 00:55, exacerbating the situation.
As investigations continue, authorities have isolated infected networks to contain the breach. Limited analysis is possible due to the encryption of systems. The Ministry of Communications declined to provide further details on the incident. Third-party IB companies will be engaged to assess