Keypoints: India experienced over 1.5 million cyber intrusion attempts from Pakistan-aligned APT groups, some operating via networks in Indonesia and neighboring countries. Tactics include DDoS, malware, website defacement, and disinformation campaigns aimed at destabilizing infrastructure and sprea…
Category: Indonesia
A Surge in Numbers Recent statistics show a dramatic surge in phishing and scam incidents across Indonesia. The Indonesia Anti-Phishing Data Exchange (IDADX) recorded 26,675 phishing reports in Q1 2023, a sharp increase (+20,569 cases) from Q4 2022. Globally, Kaspersky’s security systems blocked 709…
To this day, government officials still act “surprised” every time their sites get hacked. Meanwhile, cyberattacks keep repeating like a broken record: KPU, Ministry of Defense, even .go.id portals have been turned into illegal content hubs. Just look at the KPU (General Elections Commission)—204 mi…
A System Failure, Not Just a Glitch When Bank DKI’s systems failed right before Eid celebrations, it wasn’t just a bad day at work — it was a systemic failure. From frozen mobile apps to interrupted QRIS services, Bank DKI showed just how vulnerable a major regional bank could be in the digital age….
Keypoints: Ahold Delhaize, a major food retail group operating in Indonesia, confirmed a data breach affecting its US operations, potentially compromising sensitive information. The ransomware group INC Ransom claimed responsibility for the attack, leaking sample documents on their data leak site. T…
Keypoints: The “Power Parasites” scam campaign, targeting primarily Asian countries including Bangladesh, Nepal, and India, relies on deceptive websites and social media to lure victims into financial scams. This campaign also affects notable global energy brands such as Siemens Energy and Repsol, w…
Keypoints: Indonesia has previously been targeted by Billbug, indicating it remains at risk from the group’s ongoing cyber espionage campaigns across Southeast Asia. A Chinese cyber espionage group, Billbug (aka Lotus Panda, Lotus Blossom, Bronze Elgin), breached major government and business organi…
Keypoints: Babuk2, operating under the alias Bjorka known for targeting the Indonesian government, has resurfaced in 2025, listing Indonesia among its claimed victims. Despite claims of new massive data breaches, evidence suggests Babuk2 primarily recycles data from previous incidents and uses rebra…
Keypoints: Indonesia is listed among the countries experiencing ransomware activity, accounting for 0.49% of global incidents, indicating a tangible risk from groups like NightSpire. NightSpire, a new ransomware group active since early 2025, exploits vulnerabilities like CVE-2024-55591 in FortiGate…
Keypoints: Indonesia is directly targeted through localized phishing emails in the Indonesian language, indicating specific intent to breach Indonesian systems, especially in healthcare and pharmaceutical sectors. A new sophisticated remote access trojan (RAT) called ResolverRAT was discovered targe…
Keypoints: Indonesia is directly impacted, as shown by the 2024 breach of its Temporary National Data Center, highlighting urgent cybersecurity vulnerabilities. ASEAN’s rapid digital transformation has led to a sharp rise in organized cybercrime, including ransomware attacks and transnational scams….
Keypoints: One of the malicious IP addresses actively attempting to exploit CVE-2025-24813 was observed targeting systems in Indonesia, indicating a direct threat. CVE-2025-24813 is a critical vulnerability in Apache Tomcat allowing unauthenticated remote code execution under specific configurations…
Keypoints: The rise of INDOHAXSEC from Indonesia increases regional cyber threats, potentially exposing Indonesian institutions and citizens to retaliatory or spillover attacks. INDOHAXSEC engages in DDoS attacks, ransomware deployment, website defacement, and data leaks. The group is politically mo…
Keypoints: Indonesia is among the top ten countries globally targeted by cyber attacks on the financial industry, indicating a significant and direct threat. Data breaches and financial fraud are the most prevalent cyber threats targeting the finance industry, with significant activity observed on D…
Keypoints: Indonesia is among the countries experiencing ransomware incidents, accounting for 0.7% of global cases, indicating its susceptibility to sophisticated groups like Cactus. Cactus ransomware employs a multi-stage attack, including social engineering via email and Microsoft Teams, DLL sidel…