Indonesia’s government websites faced a significant cyberattack on 20 June 2024. A ransomware called Braincipher shut the doors on online services for over 200 government offices. This caused big problems for many people in Indonesia. But the biggest mess happened at immigration offices.
Emergency Measures
Indonesia’s Temporary National Data Center in Surabaya, East Java, was hit by a ransomware attack on 20 June 2024. The cyberattack hurt a lot of important online services run by the government.
“This was due to a ransomware cyber attack called Braincipher,” said Hinsa Siburian, Head of Indonesia’s National Cyber and Crypto Agency during a press conference in Jakarta on Monday, 24 June.
The Braincipher that attacked Indonesia’s Temporary National Data Center is a new variant of the Lockbit 3.0, a sophisticated ransomware that can lock a system and encrypt data so that it can be used by cybercriminals to blackmail victims.
The ransomware affected online services of more than 200 Indonesia’s government agencies, including the Ministry of Law and Human Rights, the Coordinating Ministry for Maritime Affairs and Investment, the Ministry of Public Works and Housing, the Public Procurement Agency.
However, the most severe disruption occurred in the immigration services of the Ministry of Law and Human Rights. This is because this service is one of the most heavily accessed by the public which caused its data to be moved to private cloud storage, Amazon Web Services (AWS). The emergency measure was taken while waiting for the Temporary National Data Center to be restored.
“We were forced to migrate (the data) to AWS. This is an emergency solution as we are waiting for the restoration (of the Temporary National Data Centre),” said Yasonna Laoly, Indonesia’s Minister of Law and Human Rights.
Extended Beyond Airports
The early sign of this cyberattack began with long queues at auto gates on Thursday (20/6) at various airports in Indonesia, including Soekarno-Hatta in Cengkareng, I Gusti Ngurah Rai in Bali, and Hang Nadim in Batam. These three are Indonesia’s main Immigration Checkpoints.
Immigration services were paralyzed for hours, resulting in long queues because immigration’s electronic systems were replaced by manual checks. This means that the immigration officer stamps arrival simply by writing the date, time and flight number accompanied by the officer’s initials. This made things slow and passengers had to wait a long time. The attack’s impact extended beyond airports, with immigration offices nationwide unable to issue new passports and process visas/stay permits.
Finally, after 100 hours of disruption, the Indonesian government finally admitted the attack was caused by hackers. The National Cyber and Crypto Agency knew they couldn’t get the scrambled information back, but they did some things to stop the attack from spreading.
Consequently, they utilize locally stored data backups maintained by each agency to restore the system of the online public services. Each government office that was affected, used their own backups to rebuild their online systems. Additionally, the agency also fortified cloud storage at two data centers in different provinces to prevent similar incidents in the future.
Lessons Learned for the Future
The Braincipher incident is a wake-up call about how important it is to protect important computer systems from hackers. Especially when it comes to data privacy and state security. Having strong cybersecurity and making regular backups of information can help get things back online faster if there’s an attack.
Our team stays current on the latest immigration update, ensuring we provide you with the most accurate advice. If you have any questions whether the recent disruption at Immigration Office might affect your plans in Indonesia, don’t hesitate to reach out to us. See our contact information below or simply fill in our inquiry box explaining what you need. We will get back to you with the personalized solutions.