Indonesia president orders audit of government data centers after it finds most of the data they store is not backed up

Code Skull
(Image credit: Shutterstock)

The recent ransomware attack against two Indonesian government owned data centers has revealed that most of the data stored did not have a backup.

An audit of government data centers has been ordered by Indonesian President Joko Widodo after it was found that one of the two data centers hit by the June 2024 attack did not backup 98% of its stored data.

Brain Ciper, a new version of the Lockbit ransomware, was used in the attack with the group responsible demanding 131 billion Rupiah (US$8 million) for the decryption key.

No intention to pay

Budi Arie Stiadi, Communication and Informatics Minister, said in a statement (via The Register) that the Indonesian government does not intend to pay, and is instead attempting to decrypt the data.

The attack targeted the Temporary National Data Center (PDNS) and took place on June 20th, with many digital services being interrupted by the ransomware attack.

In a further statement from Budi it was revealed that government agencies have the option to back up data on government datacenters, but many of them chose not to or were unable to do so due to budgetary constraints.

Vice president Ma’ruf Amin said that much of the damage was due to how centralized the networks of government agencies had become, stating “Once it was centralized, it turned out that once it was hacked, everyone was affected. I didn't think hacking was so devastating in the past.”

Responding to the lack of backups on government data centers, Chair of the First Commission of the People’s Representative Council, Meutya Hafid, said, “This is not a governance issue, it’s a stupidity issue to have national data without a single backup.”

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focussing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.