5 Kasus Kejahatan Cyber Paling Heboh! (Part 1)

Dewaweb

6 Jun 202204:31

Summary

TLDRThis video highlights several major hacking incidents in Indonesia, shedding light on how various high-profile organizations and government bodies have fallen victim to cyberattacks. Notable cases include the 2021 breach of BPJS Kesehatan, exposing personal data of 279 million people, and a similar breach at BRI Life. Other incidents involve defacement attacks on government websites and data leaks from health-related applications. These attacks, driven by vulnerabilities in security systems, have left millions of citizens' sensitive information exposed and sparked widespread concern over cybersecurity practices in the country.

Takeaways

😀 In May 2021, BPJS Kesehatan's website was allegedly hacked, causing the leakage of data for 279 million Indonesians, which was then sold on an online forum.
😀 The leaked data included personal details such as phone numbers, emails, addresses, and salaries, and was sold for 0.5 Bitcoin (approximately IDR 84.4 million).
😀 The Indonesian Ministry of Communication and Informatics (Kominfo) intervened to prevent the spread of this sensitive data by blocking download links.
😀 In July 2021, BRI Life experienced a similar data breach, with 2 million customers' data being leaked and sold online for USD 7,000 (around IDR 1.6 million).
😀 The leaked data from BRI Life included sensitive information such as ID card photos, bank account numbers, tax IDs, birth certificates, and medical records.
😀 The BRI Life data breach was reportedly caused by a security vulnerability in the company’s electronic system, which was exploited by hackers.
😀 A deface attack also targeted the official website of the Indonesian Cabinet Secretariat (setkab.go.id), altering its appearance with images of demonstrators and a flag.
😀 The website deface was believed to be financially motivated, with the attackers planning to sell backdoor scripts to interested parties.
😀 In 2012, a DDoS (Distributed Denial of Service) attack targeted the official website of the Indonesian House of Representatives (dpr.go.id), causing it to crash.
😀 In July 2021, another cybersecurity attack compromised Indonesia's Ministry of Health (Kemenkes), exposing data of 1.3 million citizens along with personal details of healthcare workers.
😀 These various cyber attacks highlight the ongoing challenges of maintaining robust cybersecurity measures and the consequences of insufficient data protection in Indonesia.

Q & A

What happened to the BPJS Kesehatan website in May 2021?
-In May 2021, the BPJS Kesehatan website (BPJS Kesehatan.go.id) was reportedly hacked. This breach led to the leak of personal data of 279 million Indonesians, which was sold on online forums. The leaked data included phone numbers, emails, addresses, and even salary information. The hacker offered the data for 0.5 Bitcoin (about 84.4 million IDR).
What measures did the Indonesian government take after the BPJS Kesehatan data breach?
-After the BPJS Kesehatan data breach, Indonesia's Ministry of Communication and Information (Kominfo) intervened by blocking the link used to download the leaked data and took steps to prevent further data dissemination.
How did the BRI Life data breach occur in July 2021?
-In July 2021, BRI Life, an Indonesian insurance company, suffered a data breach. Around 2 million customer records, including sensitive personal data like KTP (ID card), tax numbers, and medical records, were leaked and sold online. The breach was due to security flaws in their electronic system, which were exploited by hackers.
How was the BRI Life data breach exposed?
-The BRI Life data breach was first exposed by a Twitter account named Eva the Bridge, which claimed that hackers had accessed and stolen around 253 files from BRI Life, including data on 2 million customers and hundreds of thousands of other documents.
What is a 'deface' attack, and how did it affect the Indonesian government’s website?
-A 'deface' attack is a type of cyberattack where hackers alter the appearance of a website, usually by replacing its original content with their own. In this case, the website of the Secretariat of the Cabinet of Indonesia (setkab.go.id) was hacked, displaying a black screen with a photo of demonstrators holding the Indonesian flag. This attack was financially motivated, as the hackers aimed to sell a backdoor script from the website.
What happened to the DPR RI website in October 2012?
-In October 2012, the official website of the Indonesian House of Representatives (dpr.go.id) was targeted by a DDoS (Distributed Denial of Service) attack, which overwhelmed the server with excessive traffic, causing the website to display an error message and become inaccessible.
What is a DDoS attack, and how did it affect the DPR RI website?
-A DDoS attack involves overwhelming a website's server with a massive amount of traffic, rendering it unable to process legitimate requests. In the case of the DPR RI website, the DDoS attack caused the site to crash and display an error message.
What was the impact of the Kemenkes data breach in July 2021?
-In July 2021, the Indonesian Ministry of Health's electronic health application was hacked, resulting in the exposure of 1.3 million pieces of personal data. This breach not only affected users of the health app but also led to the disclosure of information about passengers and hospital staff, revealing flaws in the application's security protocols.
Why did the Kemenkes data breach happen?
-The Kemenkes data breach occurred due to inadequate security measures in the application, including the use of insecure data storage and a lack of sufficient security protocols to protect sensitive information.
What are some of the main causes of hacking incidents in Indonesia based on these cases?
-The main causes of hacking incidents in Indonesia, as illustrated by these cases, include weaknesses in system security, inadequate protection protocols, and lapses in the vigilance of system operators, which allow hackers to exploit vulnerabilities for malicious purposes.