[FULL] BREAKING NEWS - KOMINFO UPDATE PUSAT DATA NASIONAL "DOWN"

METRO TV

24 Jun 202414:13

Summary

TLDRA ransomware attack named BrainChiper, targeting a national data center in Surabaya, disrupted various government services, including immigration. The cyber attack encrypted critical data, causing temporary service outages. Authorities, including BSSN, Telkom Sigma, and the Indonesian Police, have been coordinating efforts to investigate the incident, restore services, and mitigate further risks. The attackers demanded a ransom of $8 million. While some services have resumed, the investigation is ongoing, with further efforts to secure public data and prevent future breaches.

The video is abnormal, and we are working hard to fix it.
Please replace the link and try again.

Q & A

What incident was discussed in the press conference?
-The incident discussed was a cyber attack on the temporary data center in Surabaya on June 20th. The attack was identified as a ransomware attack using a new variant of the 'Lockbit 3.0' ransomware, known as 'Brainchiper'.
What were the immediate actions taken by the authorities following the incident?
-After the incident, BSSN and other related organizations coordinated immediately. A team was dispatched from BSSN to Surabaya to assist Kemimpo and Telkom Sigma in managing the temporary data center where the attack occurred.
What was the impact of the ransomware attack on public services?
-The ransomware attack disrupted several public services, including immigration services. However, immigration services were restored by Monday morning, and other services such as visa, passport, and immigration management were also being gradually restored.
What is the significance of the 'Brainchiper' ransomware variant?
-'Brainchiper' is a mutated version of the 'Lockbit 3.0' ransomware, which continuously evolves to carry out cyberattacks. This makes it important for cybersecurity teams to stay updated and prepared for new variants.
How are authorities handling the encrypted data from the cyber attack?
-The encrypted data is being analyzed as part of an ongoing forensic investigation. The data is being decrypted as part of the effort to fully understand the extent of the attack and recover critical information.
What measures have been taken to secure the affected systems?
-The affected systems were isolated and quarantined to prevent further damage. The authorities are actively working on securing these systems and ensuring that no further breaches occur.
How many institutions were affected by the cyber attack?
-Around 20 institutions, both national and regional, were affected by the cyber attack. Many of them have since resumed operations after migration and recovery processes.
Was there any demand for ransom from the attackers?
-Yes, the attackers demanded a ransom of 8 million USD to decrypt the affected data, according to reports from the authorities.
What was the status of immigration services after the attack?
-Immigration services were significantly impacted, but by Monday morning, they were fully operational again. Services such as visa, passport issuance, and immigration management resumed normal operations.
Were there any concerns regarding data leaks in connection with the attack?
-There were concerns about the leakage of data, but further investigation revealed that the data found on the dark web was from old, outdated sources. The police confirmed that the data was not related to the recent cyber attack.