Jakarta: A cyberattack on Indonesia's national data center has severely disrupted operations at hundreds of government offices and led to significant delays at Jakarta's Soekarno-Hatta International Airport. The hacker responsible is demanding an $8 million ransom, as disclosed by officials on Monday.


The incident caused long queues at immigration gates last week when systems were taken offline. The ransomware used in the attack is associated with the Russian group LockBit, according to a communications ministry representative.


The cyberattack impacted "210 institutions at the national and local levels," stated senior official Semuel Abrijani Pangerapan. He also mentioned that a dark web hacker demanded a ransom of $8 million.


Immigration services started returning to normal by Monday morning, and efforts are underway to restore other affected services. Authorities are currently investigating the ransomware, known as Brain Cipher, which has encrypted and rendered government data inaccessible.


LockBit and its affiliates have previously targeted various entities, including governments, major corporations, educational institutions, and healthcare facilities, causing extensive damage and extracting substantial ransoms.


Once deployed into a target's IT systems, these ransomware programs encrypt the victim's files and data, freezing access until the ransom is paid.


Last month, the United States, Britain, and Australia imposed sanctions on the leader of LockBit, accusing the group of extorting billions from thousands of victims. The group was behind a quarter of all ransomware attacks globally last year, having extorted "over $1 billion from thousands of victims worldwide," according to the UK government.


Europol, the European Union's law enforcement agency, reported that the top five countries targeted by LockBit included the United States, Britain, France, Germany, and China.


Indonesia has struggled with cyber security, often facing issues due to low online literacy and frequent data breaches. In 2021, during the Covid-19 pandemic, researchers from vpnMentor revealed that the data of 1.3 million users of a government test-and-trace app had been compromised. This revelation followed an alleged leak of data from more than 200 million participants of the National Health Care and Social Security Agency (BPJS Kesehatan) just months prior.