The Government Must Find Ways To Stop Data Theft At Bank Indonesia

Pratama Persadha/Photo: Antara

JAKARTA - Cyber ​​security expert Doctor Pratama Persadha sees the need for Bank Indonesia to immediately stop data leaks, considering that as of Sunday, January 30, the conti ransomware group was still threatening to reveal more leaked data belonging to BI.

"As of January 30, 2022, attacks from the conti ransomware group have been updated four times," Pratama Persadha said, quoted by Antara, Monday, January 31.

On Sunday, the latest post on the Twitter account @darktracer_int stated that the conti ransomware group was apparently still uploading the internal data they stole from Bank Indonesia.

He mentioned that previously uploaded data from Bank Indonesia was 487 megabytes in size, then increased to 44 gigabytes, 130 gigabytes, until Sunday it increased again to 228 gigabytes.

In the screenshot that was tweeted, it was also claimed that the 228 gigabytes was only 6 percent of the total data leak belonging to the conti ransomware group.

If the claims are true, said Pratama, it can be ascertained that the total leaked data from the Central Bank of the Republic of Indonesia owned by the conti ransomware group is 3.8 terabytes.

When compared to Tokopedia's 91 million data which is only 28 gigabytes, it contains a lot of personal data in it, such as user ID, email, full name, date of birth, gender, cellphone number, and password.

"So, the BI data leak is an extraordinary case. Until now, the record for the largest leak is still held by the Sony Picture case of 10 terabytes or 10,000 gigabytes. This happened in 2014," he said.

Primary points out that all attacks target data. In addition to Tokopedia's 91 million data, there are e-HAC data from the Ministry of Health, BRI Life, Pertamina-PTC, and currently Bank Indonesia.

According to him, this is dangerous because almost all government agencies have important and confidential data. Therefore, in addition to mitigation, the thing that must receive attention is cybersecurity awareness since building the system and security factors are a priority.

He emphasized that electronic system administrators (PSE) who were hacked and leaked must be transparent to the public.

It was also mentioned that the increase in the number of internal computers owned by BI which was claimed to be infiltrated by the conti ransomware group, which was originally 16 units, until January 30, 2022, increased to 513 units.

"This proves that their commitment goes very deep into the system belonging to Bank Indonesia. This also confirms that the reputation of the conti ransomware gang as a hacker group is very dangerous," said Pratama who is also the Chairman of the Indonesian Cyber ​​Research Institute CISSReC.

On the other hand, Pratama said that the ongoing data leakage may be evidence that Bank Indonesia did not comply with the wishes of the conti hackers, for example, by demanding a ransom of some money.

"So, this case is not a new hack, but it does release little by little from the data they get to threaten the victims, in this case, Bank Indonesia," he concluded.