Lemahnya Keamanan Data di Indonesia

CNN Indonesia

23 Sept 202205:05

Summary

TLDRIn the last month, Indonesia was shaken by a hacker named Biore, who breached government websites and leaked personal data, including the details of high-ranking officials. Biore claimed responsibility for selling Indonesian citizens' personal data on the dark web, including customer databases from major internet providers and voter data. The hacker also made controversial statements on social media. Experts revealed that government websites are vulnerable to attacks, with many exploits being easy to carry out. A white-hat hacker demonstrated how simple it is to exploit these security flaws, highlighting the urgent need for better cybersecurity measures to protect citizens' data.

Takeaways

😀 Hackers have been causing a stir in the digital world after successfully breaching several personal data and state documents, drawing attention to the vulnerabilities in Indonesia's cyber security.
😀 The hacker, identified as Biore, emerged in August 2023, selling personal data from Indonesian citizens on dark web forums, sparking a major online conversation.
😀 Biore shared a series of posts on BRIS forums, including the personal data of 105 million people, the KPU voter database, and private communication between intelligence agencies and the Indonesian president.
😀 In addition to leaking official data, Biore also exposed private information about government officials, including the Minister of Communication and Information, Johnny, and Jakarta's Governor, Anies Baswedan.
😀 Controversial posts by Biore included criticisms of various political figures, such as accusing Denny Siregar of misusing tax money and commenting on the president's policies regarding fuel price hikes.
😀 The hacker's communication style indicated that they were likely an Indonesian, as the English language used contained distinctive Indonesian characteristics.
😀 The data leak revealed the vulnerability of Indonesian government websites, with hackers easily exploiting weak points like SQL injection vulnerabilities.
😀 White hat hacker Putra Aji demonstrated how easily government websites could be breached using basic techniques like 'dorking' to find exploitable URLs with vulnerable parameters.
😀 According to the Global Data Bridge 2022 report, Indonesia ranked third in the world for data breaches, with 12.7 million cases reported between July and September 2022.
😀 The primary concern with these breaches is the misuse of personal data, such as the creation of fake identities that could be used for criminal activities, stressing the need for stronger data protection measures in Indonesia.

Q & A

Who is Biorka, and what is their role in the recent hacking events?
-Biorka is the pseudonym of a hacker who recently gained attention for breaching various personal data and government documents in Indonesia. They became notorious after leaking sensitive information on online forums such as BRIS Forum, which included private data and documents related to the Indonesian government and public figures.
What kind of data did Biorka claim to have leaked?
-Biorka claimed to have leaked a wide range of data, including the personal information of Indonesian citizens, customer databases from internet service provider Indihome, election data, and sensitive communications between the Indonesian government, including the President and intelligence agencies. They also exposed personal data of high-ranking officials.
How did Biorka gain attention on social media?
-Biorka gained further attention by sharing controversial posts on Twitter, where they criticized government officials and politicians. These included comments about Denny Siregar, Minister Erick Thohir, and Puan Maharani, as well as other political figures, drawing public interest and outrage.
What does the term 'dorking' refer to in the context of hacking?
-Dorking refers to a technique used by hackers to search for vulnerable websites by using specific search queries or parameters to locate websites with potential security flaws. This method helps them find weaknesses in a site's database or other parts of its infrastructure.
What specific vulnerability did the hacker exploit in the government websites?
-The hacker used a vulnerability known as SQL injection, which occurs when a website does not properly filter input data. This allows attackers to manipulate SQL queries and gain unauthorized access to a website's database, potentially exposing sensitive data.
What are the possible consequences of a data breach like the one described in the script?
-A data breach can have severe consequences, including identity theft, fraud, and criminal activity. For instance, leaked personal data can be used to create fake identification cards or other fraudulent documents, which can lead to criminal activities under false pretenses.
What has been Indonesia's ranking in global data breaches?
-According to a 2022 report by Global Data Bridge, Indonesia ranked third globally for the number of data breaches, following Russia and France. Between July and September 2022, there were 12.7 million data breaches reported in Indonesia.
What was the impact of Biorka's actions on public trust in government cybersecurity?
-Biorka's actions exposed significant vulnerabilities in the Indonesian government's cybersecurity, eroding public trust in the safety of personal data. This breach demonstrated how easily hackers could exploit weak government websites and prompted discussions about improving national cybersecurity measures.
Why is the Indonesian government urged to take cybersecurity seriously?
-Experts, like Alfons in the transcript, urge the government to take cybersecurity seriously to prevent more severe consequences, such as identity theft, fraud, or even political instability. The risk of major social or political events being triggered by data breaches, similar to the Brexit vote in the UK or the Arab Spring, is a major concern.
How do the actions of Biorka and other hackers potentially affect national security?
-The actions of hackers like Biorka can significantly impact national security by exposing confidential governmental data, intelligence, and communications. Such breaches could be used for espionage, manipulation, or even destabilizing political situations, undermining trust in public institutions and governance.