Indonesian hackers apologise, ask for donations

Last month, cybercriminals caused a national crisis in Indonesia after attacking a government data centre and massively disrupting public services. Now the group has revoked its ransom, apologised and downplayed the colossal attack as an innocent “pen test with post payment”.

Marking the biggest hack yet from new-coming ransom gang ‘Brain Cipher’, Antara reports some 282 government agencies were impacted by the attack — the most notable of which saw queues of disgruntled travellers pile up at malfunctioning airport arrival and departure gates following disruptions to the nation’s immigration services.

While Brain Cipher initially demanded an $11.9 million (US$8 million) ransom, the group last week apologised for the hack and claimed to have helped Indonesia’s government rectify the attack.

“Citizens of Indonesia, we apologise for the fact that it affected everyone,” Brain Cipher wrote on its dark web blog. “We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists. We also ask for public gratitude and confirmation that we have consciously and independently made such a decision.

“If the government representation considers it wrong to thank the hacker, you can do it privately at the post office.”

Further to downplaying the severity of its attack — which locked and encrypted crucial government data systems — Brain Cipher went so far as to post a donations link for those who wish to reward the gang’s apparent change of heart.

Notably, Brain Cipher’s apology arrived after Indonesian officials staunchly and publicly refused to pay out a ransom. In a follow-up post on 3 July, the group further claimed it had given decryption keys to government officials and would delete any data it stole once restoration was confirmed.

“This is the first and last time a victim receives keys for free,” Brain Cipher said.

The gang then explained its unsurprising motivations for the attack, pointing out how data centres are a valuable extortion target given their role in critical infrastructure, before writing off the whole affair as “very expensive advertising” for its criminal capabilities.

By Tuesday, Brain Cipher made a final post indicating government officials had cut communications and warned dark web users that anyone “trying to sell data” on its behalf is a fake.

It has been reported that many government agencies are still working to “conduct data recovery” following the incident, though Indonesia’s government officials have repeatedly downplayed the effects of the attack.

In late June, Minister of Communication and Informatics Budi Arie Setiadi assured the attack was led by non-state actors, stating “praise be to God because the effect will be worse if a state actor was behind the attack”.

Setiadi, who reportedly indicated the attack caused “no data leak” whatsoever, currently faces mounting public backlash as a petition with more than 26,000 signatures calls for his resignation — though Director General of Applications and Information Semuel Abrijani Pangerapan has resigned and claimed personal responsibility for the incident instead.

The government reportedly plans to bolster its previously lacking data centre backup features following the attack, while an independent third party will begin a security audit of the impacted data centre in September.

This article is based on an original that appeared on Information Age. The original can be found here.

Image credit: iStock.com/matejmo