Indonesia’s National Data Center (PDN) server experienced disruptions starting Thursday, Jun. 20, 2024, due to a ransomware cyber attack.
A software researcher from the UGM Faculty of Engineering (FT UGM), Professor Ridi Ferdiana, expressed regret over this incident, noting that the PDN collects critical assets for the Indonesian public, including various data needed by institutions and people.
Professor Ferdiana mentioned that this incident serves as a “bitter pill” and a moment of self-reflection for the PDN to improve information system architecture, security procedures, and computer network security.
“For the public, it will certainly lower the level of trust, especially when placing personal data in the PDN,” Professor Ferdiana explained on Friday (Jun. 28).
He outlined several cybersecurity measures that can be implemented to prevent future cyber attacks on the PDN server. These include establishing regular inspection procedures related to security vulnerabilities and implementing network security procedures for the public and PDN administrators.
“This includes regular maintenance to review security perimeters, procedural compliance, and updating information systems,” Professor Ferdiana said.
More importantly, however, he suggested that the PDN should start comprehensively implementing the pillars of a well-architected framework in collaboration with cloud practitioners to ensure its infrastructure is more robust and reliable.
“PDN can design a high-availability cloud infrastructure based on a disaster recovery plan to ensure a smooth recovery,” Professor Ferdiana added.
Additionally, he advised the PDN to implement encryption at the data row level (row field security) or file level, both in transit (sending process) and at rest (storage process). This way, stolen data remains unreadable even if a ransomware attack occurs.
Moreover, he emphasized the need for active government involvement in this matter, highlighting that the government should establish and enforce data center security regulations that adopt existing cloud-based data center standards.
“Due to this attack, we must be vigilant, especially for data center owners. Implementing a Zero Trust Policy in organizational networks needs to be immediately applied to important data access,” Professor Ferdiana concluded.
The PDN cyber attack involved ransomware, which is software that actively blocks the data owner's access to data and its content. Consequently, data owners cannot access their data.
Ransomware attackers demand a ransom in exchange for a decryption key that restores access and data content. Ransomware is malware that enters through internet networks and locks important files using encryption controlled by the attacker.
Author: Dita
Editor: Gusti Grehenson