Indonesia Is Stirring Up, Ransomware Fraud Breaks Record In 2024
Jakarta, CNBC Indonesia –Ransomware attacks are soaring and are predicted to be the worst throughout 2024.
The United States government is looking for ways to combat the threat. They are even pushing for a more powerful way to deal with hackers who demand ransom payments.
“This is a disturbing practice that must end,” wrote Ann Neuberger, the US deputy national security adviser for cyber and emerging technologies, in an opinion piece in the Financial Times.
Meanwhile, Darren Williams, founder of BlackFog, a cybersecurity firm specializing in ransomware prevention and cyber warfare, is firmly against paying ransom for every ransomware attack.
According to him, if companies or institutions pay the ransom, it will encourage more ransomware attacks to occur and after sensitive data is stolen, the data will not be returned and will be lost forever.
Even when companies choose to pay, there is no certainty that the data will remain safe.
As experienced by UnitedHealth Group after its subsidiary, Change Healthcare, was attacked by the ALPHV/BlackCat hacker group in April 2023.
Despite paying a ransom of US$22 million (Rp. 341 billion) to prevent data leakage and restore operations quickly, the second hacker group, RansomHub, was angry that ALPHV/BlackCat failed to distribute the ransom to its affiliates.
Although Change Healthcare has not reported whether they have paid, the fact that the stolen data was eventually leaked on the dark web suggests that their demands were likely not met.
There are also concerns that the ransom was used to fund organizations hostile to US geopolitics.
According to the latest report from the Office of the Director of National Intelligence, in mid-2024 there were more than 2,300 ransomware attacks detected. Almost half of them targeted institutions in the United States (US).
It is predicted that the number of ransomware frauds at the end of 2024 will be higher than in 2023, which was 4,506 attacks globally.
Ransomware attack on Indonesian Data Center
A ransomware attack has also occurred in Indonesia. Last June, the Temporary National Data Center (PDNS 2) was hit by a ransomware attack. As a result, 282 government agency data were held hostage by hackers and demanded a ransom of US$ 8 million or Rp 131 billion.
The government has taken a firm stance that it will not pay the ransom, while gradually restoring locked access.
The perpetrators of PDNS 2 were detected to be affiliated with the veteran hacker gang LockBit who successfully attacked PDNS 2 in Surabaya.
The attack mode was the BrainChipper variant of ransomware, which locked access to data in PDNS Surabaya.
SOURCE : CNBC INDONESIA