Cyber security system Bank Indonesia penetrated by global hackers on Monday (17/1). A number of non-critical data were successfully retrieved by individuals.
Spokesman for the National Cyber and Crypto Agency (BSSN) Anton Setiawan explained that the data belonging to BI that was hacked was the data of a number of employees.
“Data such as: laptop loans, Swab requests, waste disposal management, event proposals,” said Anton to CNNIndonesia.com, Thursday (20/1).
Anton explained that the data came from the BI branch office in Bengkulu.
“The BSSN and BI teams verify the content of the stored data, the stored data is indicated to be data belonging to the Bemgkulu branch of Bank Indonesia,” said Anton.
This attack was carried out by a cyber group calling itself the Conti ransomware gang. They managed to hack 16 computer devices (PCs) used by BI employees, the latest news being that these devices have been secured by disconnecting servers to avoid theft of important data.
“The attack has been reported by BI to BSSN on December 17, 2021,” said Anton.
Since then, the two agencies have coordinated to take mitigation measures against the cybersecurity incident.
The hack experienced by BI was first reported by a Twitter account called Dark Tracer. In the upload, the account mentions Bank Indonesia as a victim of the Conti ransomware gang attack.
“[ALERT] the Conti ransomware gang announced that “BANK OF INDONESIA” was included in the list of victims,” said Dark Tracer via his official Twitter, Thursday (20/1).
Anticipate BSSN and BI
Anton explained that Bank Indonesia had taken a number of handling steps, especially on devices affected by the attack. The following are the steps that have been taken by Bank Indonesia to handle cyber attack cases:
1. Isolate the PC affected by the ransomware and disconnect the critical category server so that it is not affected by the ransomware.
2. Perform eradication [pemusnahan] against files suspected of being the source of the ransomware spread.
3. Carry out monitoring related to indications of data exfiltration that occurs.
(lom / mik)
–