Skip to content
Illustration of two ghostly red hands emerging from a computer screen to take over the keyboard in a cyberattack

Illustration by iStock; Security Management

Indonesia Refuses to Pay $8M Ransom in Data Center Cyberattack

How much would you charge for a nation’s data? A hacking group is asking for an $8 million ransom after it compromised Indonesia’s national data center. The government says it won’t pay.

The Temporary Pusat Data Center (PDNS) 2 was hit by ransomware criminals on 20 June in an attack that affected more than 200 institutions in the country, including digital services for immigration, visas, passports, and residence permits. This resulted in long lines at immigration desks at airports, Reuters reported.

Officials said that data stored in the affected systems was isolated and other data is being migrated to unaffected third-party data centers and service providers.

At this point, some services have resumed—immigration services at airports are back online after the country migrated immigration data to Amazon Web Services, according to Data Center Dynamics—but many others remain hampered by the incident. Managers of those services are continuing to migrate data outside the affected data center.

Indonesia’s National Cyber and Crypto Agency (BSSN) announced the breach was the result of a ransomware attack called Brain Cipher, a variant of LockBit 3.0, according to government-owned news agency Antara. Investigations and cyber-forensics are still ongoing, but the evidence is encrypted, which hampers progress.

But don’t expect Indonesia to pay up to speed up the process. The Minister of Communication and Informatics, Budi Arie Setiadi, flatly denied the government would pay or comply with the attackers’ demands.

“The disruption to the national data center and days-long needed to recover the system means this ransomware attack was extraordinary,” Indonesia’s Cybersecurity Research Institute Chairman Pratama Persadha said, according to the Associated Press. “It shows that our cyber infrastructure and its server systems were not being handled well.”

Persadha noted that a ransomware attack would have been meaningless if the Indonesian government had a good backup that could automatically take over the main data center server during an attack.