JAKARTA – Indonesia said it is starting to recover data encrypted in a massive ransomware attack that affected more than 160 government agencies in June.
The attackers, calling themselves BrainCypher, demanded a ransom of US$8 million (S$10.7 million) to unlock the data, but later apologized and released the decryption key for free, according to Singapore cybersecurity firm StealthMall.
The attack disrupted several government services, including immigration and major airport operations, and Indonesian authorities have acknowledged that much of the data had not been backed up.
Coordinating Minister for Political, Legal and Security Affairs Hadi Tjahjanto said in a statement late on July 11 that data from 30 public services across 12 ministries had been recovered using “cryptography strategies,” but did not provide details.
“The Ministry of Communications and Information is adopting a decryption strategy to restore services and assets from affected ministries, government agencies and local governments. We are handling this in a phased manner,” the statement said.
It was not immediately clear whether the government had used Brain Cypher’s decryption keys. Prime Minister Hadi and Communications and Information Minister Budi Ali Setiadi did not immediately respond to requests for comment.
Ransomware attackers use the software to encrypt data and then demand that victims pay to have it restored. Indonesia said the attack involved malicious software called Lockbit 3.0. The Jakarta Post/Asia News Network
