Cyber security has become one of the major issues in the digital age, including in Indonesia. By 2024, with the rapid development of information and communication technology, the challenges and threats to cyber security are becoming more complex and diverse. The report discusses the current cyber security situation in Indonesia, including the threats faced, the response of governments and the private sector, as well as recommendations for strengthening cybersecurity in the future.
Indonesia in 2024 faces an increasingly sophisticated and harmful array of cyber threats. Threats include ransomware attacks, phishing, malware, to Distributed Denial of Service attacks. (DDoS). Several significant cyber incidents in recent years show how vulnerable the national digital infrastructure is to these attacks.
Ransomware is a type of malware that encrypts the victim's data and requests a ransom to return it. In Indonesia, ransomware attacks have increased significantly, attacking various sectors including government, health, and education. By 2024, several hospitals in Jakarta will be targeted by ransomware attacks, resulting in major disruptions in health care.
Phishing is a method of attack in which an attacker tries to obtain sensitive information such as passwords and credit card numbers by pretending to be a trusted entity in electronic communications. By 2024, phishing attacks targeting online banking and e-commerce users are becoming increasingly severe in Indonesia. The attackers use increasingly sophisticated techniques to defraud the victim, including using a domain that is very similar to the original one.
Malware is malicious software designed to corrupt, interfere, or steal data from computer systems. Meanwhile, DDoS attacks attempt to make online services inaccessible by flooding target servers with internet traffic. Both types of attacks are also on the rise in Indonesia, with several government agencies and large corporations being the main targets.
To address various cyber threats, governments and the private sector in Indonesia have taken a number of strategic steps. The Indonesian government has issued various regulations and policies to strengthen cyber security. One of the most prominent is President's Decree No. 82 of 2022 on the Protection of Vital Information Infrastructure, which requires vital infrastructure operators to implement strict security measures and conduct periodic audits.
The National Cyber and Password Agency (BSSN) continues to strengthen its role in coordinating and implementing cyber security policies. BSSN also works with international agencies to enhance capacity and share information on cyber threats. The private sector in Indonesia, especially technology and banking companies, have invested heavily in cybersecurity technology. Many companies have implemented sophisticated incident detection and response systems, as well as improving their network and data security. The company also regularly organizes training and education for employees on the importance of cyber security and how to identify and avoid threats.
Cooperation between the public and private sectors is also key in improving cyber security in Indonesia. Initiatives such as forum discussions and information sharing between government and industry, as well as participation in regional and international cyber security programmes, help strengthen Indonesia's readiness to face cyber threats.
Despite efforts to improve cyber security, Indonesia still faces some challenges and obstacles to overcome. One of the biggest challenges is the limitation of resources, both in terms of budget and expertise in cybersecurity. Many organizations, especially small and medium-sized, still struggle to allocate adequate budgets for cyber security. Moreover, a lack of trained personnel is also an obstacle to the implementation of effective security measures.
The level of public awareness and education about the importance of cyber security is still relatively low. Many individuals and companies still ignore basic security practices such as the use of strong passwords, periodic software updates, and caution in opening suspicious emails or links. More intensive and comprehensive education is still needed to raise awareness and preventive action across the society.
Cyber threats continue to grow rapidly, both in terms of technique and purpose. Cyber criminals are always looking for gaps and new methods to launch their attacks. This dynamic requires a quick and adaptive response from all parties involved in cyber security. However, regulations and policies often fail to keep up with the pace of the threat, making defences less effective.
