Cyberattacks continue to hit organizations and corporations in Indonesia. Now they are the victims, and sooner or later it could be us.
By
KOMPAS EDITOR
·3 minutes read
DOKUMENTASI BSI
Main Director of BSI Hery Gunardi (right) and RCEO BSI Jakarta 1 Deden Durachman (center) reviewing BSI ATM services which have recovered from suspected cyber attacks, at the Wisma Mandiri I Building Jakarta, Thursday (11/5/2023)
An improvement to legal instruments in the form of the ratification of Law Number 27 of 2022 concerning Personal Data Protection has not been effective in stemming personal data leakage. Until now, cyberattacks, especially personal data theft, are a threat.
The government is expected to optimize law enforcement by providing sanctions that can create a deterrent effect for cybercrime perpetrators.
The latest cyberattack was experienced by PT Bank Syariah Indonesia Tbk (BSI): 1.5 terabytes of data, which included nine databases containing personal information of more than 15 million BSI customers and employees, is suspected of being leaked. This data includes, among other things, names, addresses, document information, card numbers, telephone numbers and transaction data (Kompas, 14/5/2023).
We have heard and received information many times about hacking that has hit a number of institutions and corporations. However, we still rarely hear of joint efforts being made to tackle this problem. We fuss when events occur and then return to calmness as if nothing happened. Vigilance of various parties is also weak.
In fact, if we take a quick look, cases of cyberattacks continue to occur in various institutions and corporations.
VERIZON DATA BREACH INVESTIGATION REPORT 2020
The Verizon Data Breach Investigation Report 2020 shows that data breaches originating from server misconfigurations are on the rise.
Reports from employees engaged in cyber security stated that visits to their website in the form of attacks continued to increase. The latest advanced persistent threat (APT) report by Kaspersky, an agency related to cyber security, reveals that APT activities in the first quarter of 2023 involved new, sophisticated factors.
The report shows that APTs continue to update devices and expand their attack vectors, both from targets based on geographic locations and industrial targets. During the first three months of this year, Kaspersky researchers have uncovered new tools, techniques and campaigns launched by APTs in cyberattacks around the world.
Cyber security is sometimes taken for granted when an attack has not yet occurred. People within organizations and corporations still carry out digital activities without adequate security awareness, such as bringing devices from the outside that are connected to the internal network, downloading digital material without examining the potential risks, and using passwords that do not meet security standards.
Recently, attacks have increasingly paralyzed organizational and business operations. The BSI case is one example. The perpetrators are still sitting comfortably. We need to build comprehensive cyber security together; not only the government, but also the private sector. Vital institutions need to ensure their cyber security is advanced. Apart from that, it is time for each individual to build an awareness of cyber security and try to minimize the risk of attacks.
This article was translated by Hendarsyah Tarmizi.
