Cyberattacks have become an increasingly complex and tangible threat to organizations worldwide, including government and private institutions in Indonesia. Between Jun. 17 and Jul. 3, Indonesia’s Deposit Insurance Corporation (LPS) recorded 2.5 billion distributed denial-of-service (DDoS) attacks.
This incident underscores the urgent need for LPS and other institutions to enhance their data security systems. Cybersecurity has now become a strategic risk factor, with the potential to affect institutional reputation and even global economic stability.
According to Universitas Gadjah Mada’s digital security expert, Professor Ridi Ferdiana, such attacks can severely damage an institution’s reputation if data security systems are not properly reinforced. He explained that many data management systems, particularly those in the banking and financial sectors, still rely on outdated technologies.
“Some systems are still running on Windows Server 2008 or even earlier versions,” said Professor Ferdiana on Tuesday (Jul. 8).
He noted that improving data security and operating system protection requires a robust legacy infrastructure. This is because the patching process to secure each system instance can take over 24 hours. The level of protection depends on the volume of data, the number of cases, and the level of server support.
“On top of that, there are workforce limitations, and institutions must also comply with regulatory standards and international benchmarks, which add to the operational burden,” he said.
To mitigate threats such as data theft or abuse resulting from security breaches, Professor Ridi recommended several strategic measures. First, institutions should adopt a threat intelligence platform capable of real-time threat analysis, which can detect approximately 85% of initial attacks.
He also emphasized the importance of collaborating with relevant agencies such as Indonesia’s National Cyber and Crypto Agency (BSSN) and other stakeholders.
“Support from Internet Service Providers (ISPs) is also crucial so that we can detect indicators of compromise early. For example, if an attack is detected in Yogyakarta, we could block it from as far as Singapore,” he explained.
Second, Professor Ferdiana encouraged institutions to actively consult and share threat indicators with BSSN, as the agency can map and analyze attack patterns across sectors.
“There needs to be ongoing collaboration with BSSN and other stakeholders,” he said.
Third, he emphasized the need to strengthen network scrubbing infrastructure to absorb large-scale attacks.
“Specialized infrastructure must be installed for this purpose,” he added.
In addition to these steps, Professor Ferdiana recommended regular incident simulations and response drills to ensure teams can react swiftly during real incidents.
“Finally, automation, particularly in patch management, is critical, since most attacks exploit vulnerabilities in operating systems, websites, or applications,” he concluded.
Author: Kezia Dwina Nathania
Editor: Gusti Grehenson
Illustration: Freepik