Ransomware scum who hit Indonesian government apologizes, hands over encryption key

Brain Cipher was never getting the $8 million it demanded anyway


Brain Cipher, the group responsible for hacking into Indonesia's Temporary National Data Center (PDNS) and disrupting the country's services, has seemingly apologized for its actions and released an encryption key to the government.

That key was in the form of a 54 kb ESXi file. Its efficacy has not yet been confirmed.

"Citizens of Indonesia, we apologize for the fact that it affected everyone," the team wrote in a statement shared by Singapore-based dark web intelligence outfit Stealth Mole.

In the statement, Brain Cipher detailed that it was releasing the decryptor of its own accord, without prodding by law enforcement or other agencies. It did, however, ask for public gratitude for its magnanimous behavior – and even provided an account at which it could receive donations. Good luck with that.

The team also provided a motive – that it was acting as a penetration tester of sorts, and that talks with the government had become deadlocked.

The cyber criminals had demanded a ransom of 131 billion Rupiah ($8 million) to release data they ransomwared on June 20, but the Indonesian government refused to pay up.

"We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists," the hackers lectured.

"In this case, the attack was so easy that it took us very little time to unload the data and encrypt several thousand terabytes of information," the group boasted.

The statement concludes: "We're not haggling."

We have asked Stealth Mole to provide us with evidence of the statement's authenticity.

Brain Cipher clarified that while the Indonesian government might receive its data back for free, not all victims would get the same treatment.

"Honestly, this is very embarrassing for Kominfo and also us as Indonesian citizens," shared one cyber security influencer in Indonesian Bahasa.

"Imagine, with a budget of Rp 700 billion to secure Indonesian data, you (BSSN et al) only rely on a security system with Windows Defender," he added.

A certain degree of panic has rocked the government – particularly as it was found that backups were optional among the hit agencies. Indonesia's president Joko Widodo subsequently ordered an audit of government datacenters.

Politicians and the public alike appear to be on the hunt for a scapegoat – a petition demanding the resignation of communications and informatics minister Budi Arie Setiadi over the matter garnered more than 18,000 signatures. ®
