Observers Find Strong Indications Of Cyber Attacks On AGO Sites

JAKARTA - On Tuesday, February 11, the official website of the Attorney General's Office of the Republic of Indonesia (kejagung.go.id) was allegedly hacked by hackers on behalf of himself @unrooter.id, @raja_jawa19xx and @fablo_small.

In a note left behind, the hacker claims that they have also managed to obtain data that includes employee information, guest data, an electronic ticketing system, to case data that is being handled by the prosecutor's office.

Responding to this incident, the Head of the Legal Information Center (Kapuspenkum) of the Attorney General's Office (Kejagung) Harli Siregar denied that the AGO.go.id website was hacked and claimed that they were carrying out maintenance.

However, Chairman of the CISSReC Cyber Security Research Institute (Communication & Information System Security Research Center) Pratama Persadha, responded that there were indications of a fairly strong hack based on evidence circulating on social media.

"When the CISSReC team conducted an investigation, the website of the AGO.go.id who was a victim of the deface was inaccessible and only showed information that the site was on maintenance. However, judging from the screenshot that had circulated, there had indeed been a hack on the AGO website," Pratama told VOI Tuesday, February 11.

Because according to Pratama, the hacker had entered an information on the news channel on the AGO website, where the hacker wrote their anonymous account and made a welcome to Pak Febri, and asked him to return the house located in Hang Tuah.

But when further investigation was carried out, CISSReC also found that only the main website that was being carried out was maintenance, while subdomains from the AGO's website could still be accessed normally.

Seeing this incident, Pratama highlighted the potential vulnerability in the content management system (CMS) or the web application used by the AGO.

If there are security loopholes such as SQL Injection, Remote Code Execution (RCE), or Cross-Site Script (XSS), hackers can gain unauthorized access into the internal system, including sensitive data.

However, Pratama emphasized, if the data is valid and cyber attacks actually occur, this is not just a deface, but a legal, political and national security threat.

Access can also be obtained through social engineering or insider threats (insiders), reinforced by @fablo_small claims regarding the balance of ETLE fines of Rp37 billion and internal documents distributed by hackers.

"The Attorney General's Office as a law enforcement institution often handles sensitive cases, so the potential for sabotage or leakage from within must be taken into account," he said.