Return to Uzone News Portal
Uzone.id – In 2022, India’s largest airline, SpiceJet, experienced a ransomware attack that caused flight delays and cancellations, leaving hundreds of passengers stranded. Luckily, the airline’s IT team managed to resolve the situation.
After this incident, many people wondered what a ransomware attack was. Ransomware is a malicious program (malware) that threatens victims by destroying or blocking access to essential data or systems until a ransom is paid, sourced by Microsoft.
Initially, ransomware attacks only targeted individuals. However, more and more are targeting organizations. Senders do not hesitate to deliberately attack important documents, such as financial documents, to set a ransom for their victims.
The most common ransomware attack involves getting the victim to click on a specific link or open an email attachment that will install the ransomware on the victim’s device. Once the ransomware has been embedded, the sender, as a hacker, can start to enter the organization’s network, which allows them to access various data.
They then plant the ransomware on specific data or systems. One way is by encrypting files so the victim cannot access the data until the ransom is paid. Hackers send ransomware to large companies because they are targeting large ransoms. Not a few companies are willing to pay millions of dollars to avoid the risk of data leaks.
The impact of ransomware attacks on data centers is severe, often halting digital services and causing widespread disruption in daily operations. A recent example is Indonesia’s Temporary National Data Center (PDNS), which was hit by a major ransomware attack in June 2024.
This attack brought critical digital services to a standstill, including those of the Directorate General of Immigration under the Ministry of Law and Human Rights, and disrupted New Student Admissions (PPDB) services across various regions. In total, the attack affected 282 government agencies throughout Indonesia.
The hackers demanded a hefty ransom of $8 million, yet the government stood firm, refusing to meet these demands. This incident highlights the vulnerability of essential public services to cyber threats and underscores the need for stronger cybersecurity measures to safeguard national digital infrastructures.
As a result, PDNS’s reputation was tarnished in the eyes of the public. Public trust has decreased because it shows that PDNS does not yet have a strong enough defense system to face cyber attacks.
What happened to PDNS is one example of a ransomware attack brain cipher variant Lockbit 3.0. In addition, there are still many other types of ransomware attacks, including the following:
- Encrypting Ransomware is a ransomware attack that uses an encryption algorithm to encrypt user files so they cannot be used properly.
- Locker ransomware is a ransomware attack that blocks access to the entire system.
- MBR ransomware is a ransomware attack that targets the Master Boot Record (MBR) of a computer or device.
- Mobile ransomware is designed to attack mobile devices that can encrypt data. In addition, mobile ransomware can also block access to important applications or functions.
- Scareware is ransomware that uses fake money threat messages to scare users into paying the ransom.
With the variety of ransomware attacks out there, it’s essential to stay vigilant and take proactive steps to protect your data. Here are a few effective countermeasures to consider before falling victim to a ransomware attack.
First, quickly isolate any compromised data to prevent the ransomware from spreading further across your systems. This containment step is critical in minimizing damage. Second, keep your antimalware software up-to-date.
Regular updates enhance the software’s ability to detect and block ransomware, ensuring your devices have the latest protection.
Lastly, make offline backups of your essential data. By storing backups offline, you can guarantee that important information remains accessible and can be restored, even if your system is compromised by ransomware. Taking these measures can help shield your data from ransomware’s reach.
