Cyber Threat Rises Drastically, BSSN Highlights Low Digital Security Awareness

Deputy III of the National Cyber and Crypto Agency, Sulistyo, when presenting the material for cybersecurity and code management development activities in Southwest Papua, Tuesday (29/7/2025). ANTARA/Yuvensius Lasa Banafanu

SORONG - Deputy III of the National Cyber and Crypto Agency (BSSN), Sulistyo, revealed that the threat of cyber attacks in Indonesia continues to increase significantly. However, this increase was not accompanied by adequate awareness from local governments, agencies, and individuals in protecting their digital assets.

"The lack of understanding and response to this threat is a challenge in itself for strengthening the national cyber defense system," said Sulistyo in a cyber security and code management development activity in Sorong, Southwest Papua, Antara, Tuesday, July 29.

He said, based on the results of BSSN monitoring, there were more than 6.8 billion traffic anomalies in the national cyberspace detected from January 2020 to June 2025. Most of these anomalies came from malware infections.

Sulistyo likens electronic systems to a house that requires comprehensive protection from the roof to a safety system for valuables.

"If we don't know if the roof of our house is from tiles, clumps, or clay, we also don't know when to check. In the digital world, this means we don't know what software is used, whether original or pirated, and whether the system is equipped with protection or not," he said.

According to Sulistyo, the most crucial step in building cyber defenses is the identification of digital assets owned. These assets include hardware, software, and human resources that manage them.

Based on BSSN's analysis of malware incidents, three of the main causes most often found are the use of pirated software, unextended software licensing, and the absence of active antivirals in the system.

There are still many who use illegal software or do not renew licenses. This makes the system vulnerable to viruses and illegal access by hackers," he said.

He also highlighted the weak response to warning reports. Of all cyberattack notifications sent by BSSN to various institutions, only 27'29 percent responded or validated.

"This is not just a matter of technicality, but a matter of awareness and responsibility. The data that is managed does not only belong to the institution, but belongs to the community," said Sulistyo.

He emphasized that building a digital security system is a shared responsibility, not solely the task of the central government or BSSN. Active roles from local governments, public service institutions, and business actors are needed.

Related to that, Sulistyo reminded three important steps that need to be taken by each agency: identify all digital assets, ensure the system is protected by legal and antiviral devices, and monitor anomalies regularly.

"If the agency receives a notification from Kominfo or BSSN regarding malware on a certain system or IP, it is advisable to immediately respond, validate, and take corrective steps," he said.