as report goes，The Indonesian National Data Center has been affectedreachLockbitRansomware variant attacks,thisThis attack has affected the national and regional levelstwo hundredMultiple government agencies,ExtortionistRequest paymentone thousand three hundred and tenA ransom of one billion Indonesian rupiahs is required to restore these systems. The Indonesian President ordered an audit of it, and as a result, the Indonesian Minister of Communications was publicly petitioned to resign.

The Indonesian National Data Center is managed by the Indonesian Ministry of Communications and Information Technology（Kominfo）Operations, responsible for storing and processing large amounts of government data. This data center carries a large amount of data and operational tasks for government agencies and critical infrastructure. These data are crucial for the operation, decision-making, and people's lives of the Indonesian government.

After the attack, multiple systems and data in the Indonesian National Data Center were encrypted, resulting in service interruption. This attack has affected overtwo hundred and tenA central and local government agency, however, due to the lack of its data backup mechanism, the data center exceeds98%The data has not been backed up，This makes it difficult for data centers to recover quickly after being attacked, resulting in prolonged service interruptions. Among them, immigration border inspection services are most severely affected,systemInterrupted for several days. Hundreds of government offices have also been damaged, resulting in the interruption of multiple government services and causing great inconvenience to the operation of the Indonesian government and people's lives.

Communication and Information in IndonesiaMinister Budi·Alibaba·Setiadi

Subsequently,Attackers demand Gundam from Indonesia's National Data Centereight hundredTen thousand US dollars (approximately)one thousand three hundred and tenA ransom of one billion Indonesian rupiah was paid to decrypt the data. The Indonesian governmentfirmRefusing to pay ransom and committed to recoveryEncrypted dataAnd attempt to identify the attacker. The Indonesian government quickly activated the emergency response mechanism, organized a team of experts for emergency disposal, and worked with international telecommunications companies to crack encryption and restore access to damaged data. Through the efforts of the Indonesian government and relevant departments, some damaged services have gradually been restored. However, due to the lack of data backup mechanisms, the progress of recovery work is slow, and some data may not be fully restored.

This attack incident has sparked widespread public attention and dissatisfaction. The Minister of Communications and Information of Indonesia is under pressure to resign as a result. The Indonesian President has ordered an audit of government data centers to identify the cause and issues of the attack. The Indonesian governmentalsoInitiate legal proceedings to track and prosecute attackers, and strengthen international cooperation and communication to jointly combat cybercrime activities.

The attack on the Indonesian National Data CenterLockbitIt is a highly complex and destructive ransomware,LockbitOriginating from Russia, due to its encrypted file suffixlockbitAnd named after it. This software provides tools and infrastructure for various attackers to carry out ransomware attacks. It uses complex encryption algorithms to encrypt victim filesThe victim needs to pay a ransom to obtain the decryption key. During this process,Lockbituse“Double extortion”The strategy not only encrypts data, but also threatens publicly stolen data to increase the pressure on victims.

LockbitThe ransomware family has gone through multiple iterations, constantly evolving to avoid security protection. Continuously expanding its global influence and becoming a major threat in the field of cybersecurity. Its victims include organizations in multiple critical infrastructure sectors such as financial services, education, healthcare, manufacturing, and government agencies. In recent years, withLockbitThe ransomware attack represented byThe security incidents caused by the attacks are constantly emerging, involving important issues related to the national economy and people's livelihood such as government, transportation, energy, and healthcarefield.

The ransomware attack on the Indonesian National Data Center is a serious cybersecurity incident that has had a significant impact on the Indonesian government and people.The Indonesian National Data Center has experienced slow recovery progress due to the lack of data backup mechanisms after being attackedAlso alertData backup is one of the important means to ensure data security.Data backup is an important means to prevent ransomware attacks. By regularly backing up data, business operations can be quickly restored after an attack, reducing losses.Currently, IndonesiaThe government also recognizes the importance of data backup mechanisms and plans to include them as mandatory requirements.