JAKARTA: Indonesia’s Communications and Informatics Minister Budi Arie Setiadi is facing growing calls to resign following an ongoing ransomware attack on the country’s national data centres that has affected 239 institutions, including 30 government ministries and agencies.
A Change.org petition urging Mr Budi to step down has garnered over 18,000 signatures since it was launched last week by the Bali-based civil society organisation Southeast Asia Freedom of Expression Network (SAFEnet).
The petition states Mr Budi should be accountable for the cybersecurity breach.
SAFEnet’s executive director, Ms Nenden Sekar Arum, also alleged Mr Budi was given his title because he had supported President Joko Widodo when the latter ran for the presidency in 2014 and 2019.
“Don’t continue ‘giveaways’ like this … This (role) is a very strategic position especially since we cannot be separated from the digital world,” Ms Nenden said, as quoted by news outlet Kompas last Thursday (Jun 27).
Mr Budi was previously the chairman of Projo, a volunteer group founded in 2013 that encouraged and supported Mr Widodo’s run for the presidency.
Mr Widodo made Mr Budi the Deputy Minister of Villages, Development of Disadvantaged Regions and Transmigration in 2019 and appointed him the Minister of Communication and Informatics in June 2023.
Mr Budi graduated in communication sciences from the University of Indonesia and did post-graduate studies in social development management, according to his ministry’s website.
Mr Budi has declined to comment on the petition. “No comment on that. That’s the right of the people to speak out,” he said, as quoted by news outlet Liputan6.
Projo, however, said in a statement that the petition was politically motivated. It was created by factions who opposed Mr Prabowo Subianto in the 2024 presidential election, the group said. Mr Prabowo was the candidate widely seen to have Mr Widodo’s backing in the February election, and won by a landslide.
“From the monitoring carried out by the team, the figures (behind the petition) are those who were politically opposed in the context of the 2024 presidential election,” Projo secretary general Handoko was quoted as saying by news site Kumparan on Sunday (Jun 30).
Ms Nenden from SAFEnet, however, denied any political motive behind the petition. “(Mr Budi’s performance) has a direct impact on the public. Political issues are secondary because this is for the public interest,” she said.
Last month’s ransomware attack was Indonesia’s worst in recent years and has resulted in data loss, disruption to public access of data and slowdown in online services of the affected institutions.
Indonesian authorities said the attack was carried out using software developed by the Russian ransomware outfit LockBit.
The national data centre affected store important information including population data such as names, addresses, personal identity numbers, and family data. It also stores sector-specific information, such as on national health programmes and the education curriculum.
The attack also disrupted immigration services including those related to visas, residence permits and online application of passports. On June 21, long queues formed at Jakarta’s Soekarno-Hatta Airport because passport checking had to be done manually after the automated system went down.
Mr Silmy Karim, Indonesia’s director-general of immigration, said last Friday its system had fully recovered. However, not all data was successfully restored for some immigration agencies, he said.
The government only announced the ransomware attack on Jun 24 and revealed its extent on Jun 27, when Mr Budi had a working meeting with members of the House of Representatives.
The Indonesian government has refused to pay a US$8 million ransom demanded by the hackers to retrieve the encrypted data, said Mr Budi.
The ransomware attack has also exposed Indonesia’s cyber vulnerabilities.
Mr Hinsa Siburian, chairman of Indonesia’s cybersecurity agency known by its acronym BSSN, said 98 per cent of the data stored in the compromised data centre had not been backed up.
“Generally we see the main problem is governance and there is no back-up,” he told a parliamentary hearing on Jun 27, as reported by Reuters.
Some lawmakers have disputed his remarks. “If there is no back up, that’s not a lack of governance,” said Ms Meutya Hafid, the chair of the commission overseeing the incident. “That’s stupidity.”
Mr Widodo has ordered an audit of government data centres.