The assault has caused a disturbance in various government services such as immigration and activities at significant airports. Indonesian authorities have recognized that the majority of the data was not backed up.
however Indonesia said it is beginning to recover data that had been encrypted in a major ransomware attack last month which affected more than 160 government agencies.
Version 1: The cybercriminals known as Brain Cipher demanded $8 million in ransom to decrypt the data, but later expressed remorse and provided the decryption key for free, as reported by cybersecurity company StealthMole, based in Singapore.
The attack has disrupted multiple government services including immigration and operations at major airports. Indonesian officials have acknowledged that the bulk of the data had not been backed up.
Chief Security Minister Hadi Tjahjanto announced in a press release on Thursday evening that information for 30 government services under the supervision of 12 ministries had been retrieved through a “decryption strategy,” although no further details were provided.
The statement indicated that the communications ministry is implementing a decryption plan to retrieve services or assets from affected ministries, state agencies, and regional governments. The process is being managed in a step-by-step manner.
It remained uncertain whether the government had utilized Brain Cipher’s decryption key. Hadi and Communications Minister Budi Arie Setiadi were unresponsive to requests for comment at that time.
Ransomware attackers use software to encrypt data and demand payment from victims to restore the data. Indonesia has said this attack used malicious software called Lockbit 3.0.