More than 40 Indonesian agencies, including the ministry overseeing immigration, were impacted by a cyberattack on the country's data centers, an official said on Wednesday.
The latest cyberattack, the worst that the country has experienced in recent years, disrupted immigration services and affected operations at Indonesia's major airports for days.
Forty-four government agencies, including key ministries, were targets of the ransomware attack, said Usman Kansong, an official from the communications ministry.
Data at five agencies, including immigration services and the coordinating ministry of investment, have been restored, and the government is working to restore data at 39 other agencies, he said.
"We expect the data at 18 government agencies to be restored by the end of this month," Usman said.
In a joint press conference with the ministry, Telkom Group director Harlan Wijanarko tried to assure Indonesians by saying that their data was secure.
Wijanarko's comment from the press conference
"We have isolated the system in the national data center so no one can enter it. We cut the access from the outside," he said, adding that they were still investigating the cause of the attack.
The Telkom group operates two major data centers in Indonesia, one in the capital city of Jakarta and the other in Surabaya.
All government agencies in Indonesia rely on these centers to store data. The Surabaya data center was the target of the attack.
Indonesia's communications ministry announced earlier this week that the attacker had used malicious software called Lockbit 3.0 and demanded an $8 million ransom, which the government refused.
The Lockbit cybercrime group is notorious for using ransomware to digitally extort its victims.
Ransom software works by encrypting victims' data. Hackers can offer a key in return for payments in millions of dollars, typically through cryptocurrency.