His resignation comes amid growing calls for Communications Minister Budi Arie Setiadi to also resign. An online petition demanding Setiadi’s resignation has garnered more than 25,000 signatures, citing his lack of accountability in handling recurring cyberattacks.
President Joko Widodo told reporters on Wednesday that a full audit of the incident was underway and the focus was on ensuring all sensitive data in government agencies was protected.
Asked whether Budi would be removed from office, Widodo said the government was still “evaluating everything.”
“First of all, we must find solutions to ensure that the cyberattack does not happen again and [to ensure] “that all our national data is backed up,” he said.
The hacking group had demanded an $8 million ransom but has since apologized and provided a decryption key to unlock the stolen data, even after the government refused to pay the ransom.
The Ministry of Communications verified on Thursday that the decryption key was functional and is working to restore the systems.
The ministry expects a full recovery next month, with only 2% of the data recovered so far.
12:14
The Snowden leaks shocked the world. A decade later, what has changed?
The Snowden leaks shocked the world. A decade later, what has changed?
Beltsazar Krisetya, a researcher at the Center for Strategic and International Studies in Jakarta who specializes in cybersecurity issues, said it was only a matter of time before a cyberattack of this magnitude targeted Indonesia.
“The regulatory, institutional and technical aspects of data protection in Indonesia are pending,” he said, adding that current security gaps meant data breaches and ransomware attacks were “to be expected.”
The hack has crippled Indonesia’s immigration system, leading to long queues at airport immigration offices as officers manually check passengers’ passports.
Other systems, including the electronic purchasing registry and online applications for scholarships and tuition assistance, were also affected.
Cyberattacks are common in Indonesia, and authorities are often accused of downplaying these incidents instead of being transparent about the scale of the problem and the risks to citizens’ personal data.
Digital rights group Southeast Asia Freedom of Expression Network (SAFEnet), which launched the petition calling for Budi’s resignation, said at least 113 cases of personal data leaks had been reported in Indonesia over the past two years.
On social media, Indonesians continued to demand greater accountability from Budi and the Ministry of Communications and Information.
“The minister should also resign. In fact, the director general should have resigned earlier,” political analyst Yanuar Nugroho said on social media platform X.
CSIS’s Krisetya said the new Indonesian government should choose the next communications and information minister based on merit instead of treating the appointment as a political one.
“The position requires broad knowledge of telecommunications, media ecosystem, content moderation, internet access and other elements of ICT. [information and communications technology] which fall within its jurisdiction.
“It is essential to have a minister with experience in ICT and who can bridge the gap between technical issues and policy.”
Additional reporting by Bloomberg
