- In short: A hacking group that demanded almost $12 million in ransom from the Indonesian government after accessing and encrypting crucial systems at a national data centre has offered a surprise apology.
- The attack last month disrupted more than 230 government agencies and services.
- What's next: The group has promised to release the decryption keys and asked for a public expression of gratitude from the government.
The hackers behind a major cyber attack on the Indonesian government have issued a surprise apology and offered to release the "keys" to the stolen data.
The attack last month on the government's data centres disrupted airport immigration checks and affected more than 230 government agencies and services across the country.
Crucial data systems were locked and encrypted and there were concerns personal and sensitive data would be leaked.
According to Indonesia's National Cyber and Encryption Agency, the attack was carried out by a group known as Brain Cipher.
The cyber criminals demanded a ransom of almost $12 million, which the Indonesian government refused to pay.
But then on Tuesday the group made a public statement on its website issuing an apology and promising to provide the decryption keys "for free" by Wednesday.
"We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists," the statement said.
"Our attack did not carry a political context, only a pentest [penetration test] with post-payment.
"Citizens of Indonesia, we apologise for the fact that it affected everyone."
They also asked the Indonesian government to express "gratitude" in public that the decision made by the group was made "independently".
"If the government representation considers it wrong to thank the hacker [then] you can do it privately at the post office."
It remains unclear whether the group has followed through with the promise.
Attack exposed Indonesia's 'weak' cybersecurity
The Indonesian government has been criticised in the wake of the attack, especially for its failure to back up much of the data.
Jakarta MP Meutya Hafid said the attack was due to "stupidity".
Minister of Communication and Information Technology Budi Arie Setiadi said in a statement that while data centres in Indonesia had backup capacity, it was optional for government agencies to use the service.
He said government agencies had not backed up data due to "budget constraints", but it would soon be made mandatory.
Cyberscurity analyst Alfons Tanujaya said Indonesia's cybersecurity was "weak".
"It's to do with the political structure, how data is perceived, and the rapid pace of digitalisation," he told the ABC.
Mr Tanujaya said part of the weakness was that the officials responsible for managing data were often political appointees given jobs as result of bargaining during elections rather than qualified professionals.
The ABC has contacted the Indonesian Minister of Communication for comment.
Mr Tanujaya said the apology statement was "unexpected" but appeared to be authentic.
"I think the hacker apologised for making it difficult for many Indonesian citizens to access their data, not necessarily feeling sorry for what they did," he said.
According to Tempo, an investigative magazine in Indonesia, there were more than 400 million cyber attacks in 2023, compared to 370 million in 2022.
Many of them were used the phishing technique, in which victims downloaded malware embedded in email links.