JAKARTA (Reuters) – Indonesia’s central bank said on Thursday that it had been attacked last month by ransomware, but the risk from the attack had been mitigated and did not affect its public services.
“We were attacked, but so far so good as we took anticipatory measures and most importantly public services at Bank Indonesia were not disrupted at all,” its spokesperson Erwin Haryono told reporters, adding recovery operations had been conducted.
Indonesia’s cyber agency (BSSN) did not immediately respond to a request from Reuters for comment.
According to CNN Indonesia, a BSSN spokesman said no critical data was leaked and the attacks occurred in a Bank Indonesia office on Sumatra island.
DarkTracer, a platform that monitors and traces malicious activities online, said on Thursday that Bank Indonesia was on a target list of cybercriminals using a malicious software dubbed ‘Conti’.
Ransom software works by encrypting victims’ data and typically hackers will offer a key in return for cryptocurrency payments that can run into the hundreds of thousands or even millions of dollars.
If the victim resists, hackers can then threaten to leak confidential data in a bid to pile pressure on the person or organisation.
Miftah Fadhli, a cybersecurity expert at the NGO Institute of Policy Research and Advocacy (ELSAM), said Bank Indonesia needs to investigate the severity of the attack as it could “carry a big risk” and impact its transactions.
In 2016, Bank Indonesia was among several central banks hit by cyber attacks, though officials said no money was lost. The attacks were mainly DDoS (Distributed Denial of Service) attempts.
(Reporting by Fransiska Nangoy, Gayatri Suroyo, and Stanley Widianto; Editing by Ed Davies, Martin Petty)