Ransomware scum who hit Indonesian government apologizes, hands over encryption key
- Reference: 1720072058
- News link: https://www.theregister.co.uk/2024/07/04/hackers_of_indonesian_government_apologize/
- Source link:
That key was in the form of an 54 kb ESXi file. Its efficacy has not yet been confirmed.
"Citizens of Indonesia, we apologize for the fact that it affected everyone," the team wrote in a [1]statement shared by Singapore-based dark web intelligence outfit Stealth Mole.
[2]
In the statement, Brain Cipher detailed that it was releasing the decryptor of its own accord, without prodding by law enforcement or other agencies. It did, however, ask for public gratitude for its magnanimous behavior – and even provided an account at which it could receive donations. Good luck with that.
[3]
[4]
The team also provided a motive – that it was acting as a penetration tester of sorts, and that talks with the government had become deadlocked.
The cyber criminals had demanded a ransom of 131 billion Rupiah ($8 million) to release data it ransomwared June 20, but the Indonesian government refused to pay up.
[5]
"We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists," the hackers lectured.
"In this case, the attack was so easy that it took us very little time to unload the data and encrypt several thousand terabytes of information," the group [6]boasted .
The statement concludes: "We're not haggling."
[7]
We have asked Stealth Mole to provide us with evidence of the statement's authenticity.
[8]Indonesian government didn't have backups of ransomwared data, because DR was only an option
[9]Indonesia's president orders government to stop developing new applications
[10]Affirm fears customer info pilfered during ransomware raid at Evolve Bank
[11]FBI encourages LockBit victims to step right up for free decryption keys
Brain Cipher clarified that while the Indonesian government might receive its data back for free, not all victims would get the same treatment.
"Honestly, this is very embarrassing for Kominfo and also us as Indonesian citizens," [12]shared one cyber security influencer in Indonesian Bahasa.
"Imagine, with a budget of Rp 700 billion to secure Indonesian data, you (BSSN et al) only rely on a security system with Windows Defender," he added.
A certain degree of panic has rocked the government – particularly as it was found that [13]backups were optional among the hit agencies. Indonesia's president Joko Widodo subsequently ordered an audit of government datacenters.
Politicians and the public alike appear on the hunt for a scapegoat – a [14]petition demanding the resignation of communications and informatics minister Budi Arie Setiadi over the matter garnered more than 18,000 signatures. ®
Get our [15]Tech Resources
[1] https://twitter.com/stealthmole_int/status/1807919279519813698
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZoZyw1hFYeZaASr2AOBNXwAAAEI&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZoZyw1hFYeZaASr2AOBNXwAAAEI&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZoZyw1hFYeZaASr2AOBNXwAAAEI&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZoZyw1hFYeZaASr2AOBNXwAAAEI&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://twitter.com/stealthmole_int/status/1808497884176036103
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZoZyw1hFYeZaASr2AOBNXwAAAEI&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2024/07/01/indonesian_president_orders_datacenter_audit/
[9] https://www.theregister.com/2024/05/28/indonesia_app_sprawl/
[10] https://www.theregister.com/2024/07/02/affirm_evolve_ransomware_breach/
[11] https://www.theregister.com/2024/06/06/lockbit_fbi_decryption_keys/
[12] https://www.instagram.com/p/C891125yMwm/
[13] https://www.theregister.com/2024/07/01/indonesian_president_orders_datacenter_audit/
[14] https://www.channelnewsasia.com/asia/indonesia-ransomware-cyberattack-petition-minister-budi-arie-resign-4448196
[15] https://whitepapers.theregister.com/
Re: "not all victims would get the same treatment"
Is a bank an innocent victim if they leave their vault open and unguarded for the public to stroll through?
Or would that be criminal negligence?
I don't understand why governments, hospitals and so on are all the victims when this stuff happens when it was preventable.
In this case it's obvious that layers upon layers of negligence were involved - the bank vault was left open.
hospitals and so on are all the victims when this stuff happens when it was preventable.
Prevention costs money and managers and the general public , would rather spend the money on services that make peoples lives better.
In most cases you want to "send a message" to future victims about the consequences of not paying up, however in the case of fucking over an entire government who it turns out have no backups it's probably a more sensible business decision to earn some good will with international law enforcement...
Similar logic to those groups who have an official public policy of handing over deception keys for free if they accidentally hit a hospital. A purely business decision to reduce the risk of law enforcement related actions on potential future profits.
"Politicians and the public alike appear on the hunt for a scapegoat"
A scapegoat is one thing, the source of the problem is another. In this case I'd guess the source is the corporate culture of the government machine as a whole.
"not all victims would get the same treatment"
And there goes any goodwill you might have garnered. Penetration testers my ass. You're nothing but a bunch of greedy scumbags. I would hope you rot in Hell, but God is infinitely better than me.