"The key figure in the Wayang Kulit show is Ki Dalang, who controls all aspects of the performance and has undergone extensive training to master manipulating the puppets, voicing characters, and coordinating with the musicians. Ki Dalang must deeply understand traditional stories, religious texts, and philosophical teachings. They also often serve as storytellers, philosophers, and spiritual guides.The tree often appears as a central motif, representing life, growth, and interconnectedness. The tree is a metaphor for the universe and the cycle of life. Its roots represent the past and origins, the trunk symbolizes the present and human existence, and the branches and leaves denote the future and the potential for growth and evolution. It underscores the interconnectedness of all beings and the cyclical nature of life.Then, Ki Dalang tells us, 'When Kyai Semar accompanied Prabu Krishna playing chess, Prabu asked him, 'How did the chess player propose to their partner, Kanda?'Semar replied, 'They said, 'Checkmate, I've captured your heart!''What is your favourite chess piece?' asked Prabu.'My favourite piece would be the Queen, Prabu,' Semar responded. 'The Queen is powerful and versatile, capable of moving any number of squares vertically, horizontally, or diagonally. It's often considered the most dynamic and influential piece on the board.After the Queen, I would choose the Knight as the second best piece. Knights have a unique movement pattern, jumping over other pieces, which can sometimes surprise opponents and create tactical opportunities. Their ability to control squares that other pieces can't reach makes them valuable in both offense and defense.Then, I would choose the Rook as my third favourite piece. Rooks are powerful in open files and can quickly dominate the board in the endgame. Their ability to move horizontally and vertically across the board makes them essential for controlling key positions and executing strategic plans.Bishops are strong in long diagonals and can exert influence across the board. They complement the Rooks well in controlling different colour complexes of squares. While the King is central to the game's objective—avoiding checkmate, it is not as versatile in movement and influence compared to other pieces until the endgame when it becomes more active. Pawns are fundamental for controlling the centre and can promote to more powerful pieces, but individually they have limited movement and attacking capabilities compared to the other pieces.''Is there any connection between 'the chess Queen' and 'a magnet'?' Prabu asked again.Semar responded, 'Similar to how a magnet attracts metal objects, the Chess Queen exerts influence over the board through her ability to move freely and threaten multiple directions. Her presence can draw attention and influence opponents' decisions. Just as magnets play a central role in magnetic fields, the Queen is often central to a player's strategy in Chess. She can pivot quickly between offence and defence, shaping the dynamics of the game. Both magnets and the Queen are versatile in their contexts. Magnets can exhibit different polarities and strengths, while the Queen can manoeuvre across the board in various ways, adapting to different game situations.These parallels illustrate how metaphorical connections can be drawn between seemingly unrelated domains, enriching our understanding and appreciation of both Chess strategy and the principles of magnetism,' then he moved the Queen's followed by the Sinden's cakepan.""You might have heard that a hostage-taker in the digital world. It captures your important files and demands a ransom for their release, much like a criminal holding a person hostage for money. Much like a kidnapper who takes a person and demands a ransom for their return, ransomware seizes your data and holds it hostage for a financial payout.Imagine a thief who breaks into your house and replaces all the locks, demanding you pay for the new keys. Ransomware does the digital equivalent, locking up your files and demanding payment for the decryption key. Ransomware acts like an invisible thief that sneaks into your computer, locks up your data, and leaves a ransom note demanding payment, all without you noticing until it’s too late. Similar to pirates who capture ships and demand a ransom, ransomware attackers hijack your digital files and hold them for ransom," Seruni went on while looking at numerous lines of green code were falling in a computer monitor. It looked like an alternative reality, but it was Japanese sushi recipes. Without the code, there was no Matrix."Ransomware is a type of malicious software (malware) designed to block access to a computer system or encrypt its data until a ransom is paid. Ransomware typically infects a system through phishing emails, malicious attachments, compromised websites, or exploiting software vulnerabilities. Once inside the system, it encrypts files, making them inaccessible to the user. If the ransom is paid, the attackers may (or may not) provide a decryption key to restore access to the files. No guarantee paying will result in getting your data back.AIDS Trojan (PC Cyborg) in 1989, often considered the first ransomware, the AIDS Trojan was distributed via floppy disks to attendees of a WHO AIDS conference. It hid directories and encrypted file names, demanding a ransom of $189 to a PO Box in Panama for decryption instructions. In 2005, Archievus was one of the early examples of modern ransomware, it encrypted files in the 'My Documents' folder and demanded payment to decrypt them. In 2006, GPcode began encrypting files using weak RSA encryption, demanding payment in exchange for a decryption tool.In 2011, known as police ransomware, Reveton locked screens and displayed fake warnings from law enforcement agencies, demanding fines to unlock the system. In 2013, CryptoLocker, Marked a significant shift with its use of strong RSA encryption. Spread via email attachments, it demanded Bitcoin for decryption keys and became a major threat. In 2014, CryptoWall, an evolution of CryptoLocker, used Tor for communication and demanded higher ransoms, causing significant damage globally.In 2016, spread through malicious email attachments, Locky was notable for targeting hospitals and businesses, demanding ransoms in Bitcoin. In 2017, WannaCry was a global ransomware attack that affected over 230,000 computers in 150 countries. It exploited a Windows vulnerability (EternalBlue) and demanded Bitcoin payments for decryption keys. Also in 2017, initially disguised as ransomware, NotPetya encrypted files but also damaged systems irreparably. It targeted organizations in Ukraine but spread globally, causing billions in damages.Ransomware remains a serious cybersecurity threat, with attackers constantly developing new techniques to bypass security measures and extort money from victims. During 2022-2023, Double Extortion is an increasingly common tactic where attackers not only encrypt data but also exfiltrate it, threatening to leak it if the ransom is not paid. In 2024, AI-enhanced ransomware trends include the use of artificial intelligence and machine learning to enhance ransomware capabilities, making detection and defence more challenging.Ransomware continues to evolve, with new strains emerging frequently, targeting critical infrastructure, healthcare, and governmental institutions globally. The ongoing challenge is to develop robust defences and educate users to minimize the impact of these malicious attacks.The most common motive behind ransomware attacks is financial. Cybercriminals use ransomware to extort money from victims, often demanding payment in cryptocurrencies to remain anonymous. Some ransomware attacks aim to disrupt operations or cause damage, rather than directly seeking financial gain. In some cases, ransomware may be used as a tool for espionage, where attackers use it to mask the theft of sensitive information. Hacktivists or politically motivated groups may use ransomware to further their ideological causes or protest against entities they oppose.Some individuals might develop and deploy ransomware as a form of ethical hacking to expose vulnerabilities and highlight the need for better security practices. However, this is highly controversial and often illegal without explicit permission. There are rare cases where individuals or groups may use ransomware to raise awareness about security issues or to encourage victims to adopt better security practices. These actions are usually done to inform or help, but they can still cause significant harm and are often illegal. Some attackers claim their actions are meant to redistribute wealth or support causes. While these motivations might be framed as intending good, the methods involve illegal activities and cause harm.There have been instances where ransomware groups claimed to have good intentions, such as using funds for charitable purposes or exposing the vulnerabilities of a target to prompt better security. Security experts sometimes create controlled ransomware environments to teach cybersecurity best practices and response strategies. This is usually done in a safe, educational context without causing real harm.Even if the intentions behind a ransomware attack are claimed to be good, the act itself is harmful and illegal. It causes disruption, financial loss, and stress to victims. The end does not justify the means, especially when it involves criminal activity and harms innocent parties. Deploying ransomware, even with claimed good intentions, is illegal in most jurisdictions. Unauthorized access to systems, data encryption without consent, and demands for ransom are criminal activities, regardless of the purported motive.While the vast majority of ransomware attacks are driven by malicious and self-serving motives, there are rare instances where attackers claim to have good intentions. However, the nature of ransomware inherently involves harm and illegal actions, making any claimed positive intent ethically and legally questionable.Recently, Indonesia’s National Data Center (Pusat Data Nasional or PDN), operated by the Ministry of Communication and Information Technology, fell victim to ransomware criminals. The attack disrupted services for at least 210 institutions, impacting digital services for immigration, visas, passports, and residence permits. The attackers demanded a hefty ransom of 131 billion Rupiah (approximately $8 million), but it remains uncertain whether the government will pay.Indonesia has faced several notable cyberattacks in recent years. In 2022, a hacker known as Bjorka exposed 1.3 billion Indonesian SIM card registration profiles for sale. These profiles included National ID Card Numbers (NIK), telephone numbers, provider names, and registration dates. The breach highlighted vulnerabilities in Indonesia’s cybersecurity system .In 2021, the Indonesian Ministry of Health created a COVID-19 test-and-trace app called the Electronic Health Alert Card (eHAC). This app was mandatory for anyone flying into Indonesia from another country, including both foreigners and Indonesian citizens. Its purpose was to track travelers’ health status, personal information, contact details, and COVID-19 test results. However, cybersecurity researchers from vpnMentor discovered that the eHAC app lacked proper data privacy protocols. As a result, an unsecured Elasticsearch database exposed sensitive data from over 1.3 million eHAC users. The exposed information included passport details, addresses, health history, and COVID-19 test results. The breach raised concerns about data security and privacy. In the same year, a massive data breach affected Indonesia’s Health Care and Social Security Agency (BPJS Kesehatan), which manages the country’s universal healthcare program. Personal data of 279 million Indonesians were allegedly leaked and traded on an online forum called raidsforum.com. The leaked data included citizenship identity numbers, identity cards, phone numbers, email addresses, names, home addresses, and even salaries.In March 2020, a significant data breach affected more than 15 million user accounts on Tokopedia, Indonesia’s largest e-commerce platform. In 2017, the Indonesian ride-hailing and multi-service platform Gojek faced major security flaws that were exposed by an Indian security firm called Fallible.XMRig, an open-source crypto-mining tool, has been increasingly exploited for malicious purposes. In the past six months, it accounted for 20% of all attacks targeting Indonesian organizations. These attacks involve the unauthorized use of computing resources to mine the cryptocurrency Monero (XMR). Cybercriminals deploy XMRig to hijack victims’ systems and generate cryptocurrency without their knowledge or consent.Several factors could contribute to such an incident, including potential weaknesses in cybersecurity, insider threats, and broader systemic challenges. It might be the data centre has had insufficient cybersecurity measures in place, making it an attractive target for attackers. there are some possible factors i.e. Outdated Systems: use of legacy systems that are not adequately patched against known vulnerabilities; Weak Encryption: lack of strong encryption for sensitive data, making it easier for attackers to exploit; Poor Network Segmentation: insufficient segmentation of networks, allowing attackers to move laterally across systems.Employees and officials might not have received adequate training on recognizing and responding to cybersecurity threats. Lack of awareness could lead to employees falling victim to phishing emails, which are common entry points for ransomware. Employees may not be trained to handle ransomware incidents effectively. Insiders with malicious intent or those who are compromised could also facilitate an attack.The attack could have been carried out by sophisticated external threat actors targeting the data centre for financial or political gain. It might also reflect broader issues with government policies and funding related to cybersecurity. It could have exploited vulnerabilities in third-party vendors or service providers associated with the data centre.Regional tensions and geopolitical dynamics might make national data centres attractive targets for state-sponsored attacks. Failure to comply with international or local cybersecurity standards and regulations could lead to vulnerabilities. A lack of understanding or underestimation of the threat level could lead to inadequate preparation and defences.The more likely scenario for ransomware attacks on government infrastructure is a combination of external threats, internal vulnerabilities, and sometimes even insider threats. It is essential to approach such situations with a focus on improving cybersecurity defences, ensuring transparency, and fostering trust among all stakeholders.Ransomware is a serious and growing threat to Indonesia, affecting a wide range of sectors and leading to substantial financial and operational impacts. Addressing these challenges requires a comprehensive approach that includes strengthening cybersecurity infrastructure, enhancing regulatory frameworks, and fostering greater awareness and cooperation across all sectors.We are still discussing some issues in Indonesia, biidhnillah."Before moving on, Seruni read poetry,In the age of tech, with no sense of plight,The government's data vanished overnight.Ransomware laughed, while leaders did sigh,Security promises turned out a lie.With coffers empty and no data in sight,Their digital blunder took flight.The one there said, "It's a matter of governance!"Those here complain, "It's stupidity!"
Citations & References:
- Allan Liska, Ransomware: Understand. Prevent. Recover., 2023, Recorded Future
- Allan Liska and Timothy Gallo, Ransomware: Defending Against Digital Extortion, 217, O’Reilly Media
- P. W. Singer & Allan Friedman, Cybersecurity and Cyberwar, 2014, Oxford University Press
- Roger A. Grimes, Hacking the Hacker: Learn from the Experts Who Take Down Hackers, 2017, Wiley
