Cybercrime , Fraud Management & Cybercrime , Geo Focus: Asia

Indonesia Hardest Hit by Cyberattacks in the Region

High-Growth Economy, Low Spending on Cybersecurity Put Asian Country in Crosshairs
Indonesia Hardest Hit by Cyberattacks in the Region
Headquarters of Indonesia's Cyber and Crypto Agency BSSN in Depok, Indonesia (Image: Shutterstock)

Indonesia has faced the highest number of cyberattacks in the Southeast Asian region over the last six months, with an average of 3,300 cyberattacks per week. Analysts say Indonesia's growing economy and low level of spending on cybersecurity make it a prime target for hackers.

See Also: The Future of Cybersecurity in APJ

Cybersecurity company Check Point said the number of cyberattacks against Indonesian organizations far exceeded those faced by Southeast Asian counterparts in the past six months. Malaysia and Singapore experienced fewer than half that number of attacks - 1,233 incidents per organization a year.

Analysis by global management consulting firm Kearney revealed that both Malaysia and Singapore are leading the rest of the region in terms of cybersecurity capacity building, awareness building, international cooperation, developing national cybersecurity policies, and having sector-specific focus. Indonesia has yet to establish robust cybersecurity policies to lead in these areas, but it is not alone.

"The region's growing strategic relevance makes it a prime target for cyberattacks. Cyber resilience is generally low, and countries have varying levels of cyber readiness," Kearney found. "Specifically, there is a lack of strategic mindset, policy preparedness and institutional oversight relating to cybersecurity."

The firm said the ASEAN region's cybersecurity industry lacks homegrown capabilities and expertise, and the absence of a unifying framework leads to an underestimation of value at risk, resulting in significant underinvestment. Kearney said Indonesia's cybersecurity spending as a percentage of GDP - 0.02% - is the lowest in Southeast Asia.

Check Point's latest telemetry data shared with Information Security Media Group places Indonesia as Southeast Asia's hot spot for cryptomining, botnet, mobile malware and info stealer attacks. XMRig, a legitimate open-source cryptomining tool, is increasingly being used for malicious purposes. Attacks involving XMRig accounted for 20% of all attacks targeting Indonesian organizations in the past six months.

Botnet attacks accounted for 18.8% of all attacks on Indonesian businesses in the last six months, and the Glupteba botnet regained prominence following a takedown by Google in 2021. According to Check Point, Glupteba features a variety of capabilities such as stealing credentials, exploiting router vulnerabilities and mining cryptocurrency. "Glupteba's use of bitcoin records improves its resilience against takedowns, since the blockchain transactions cannot be deleted but remain exposed for public inspection," the firm said.

According to Check Point's analysis, cybercriminals also used the Ramnit banking Trojan in close to 10% of attacks on Indonesian businesses in the past six months. First discovered in 2010, the banking Trojan steals web session information, giving its operators the ability to steal credentials for bank accounts and social network accounts.

Another growing cybersecurity threat for Indonesian businesses is the rising use of info stealer malware, particularly AgentTesla and Formbook, which accounted for 55% of all info stealer attacks in the Asia-Pacific region in 2022. Info stealer attacks on Indonesian organizations in the past six months accounted for 16.9% of all attacks, and AgentTesla and Formbook were used in most of the attacks.

Threat intelligence company Cyble also called Indonesia one of Southeast Asia's highest-targeted nations.

"Indonesia is one of the primary targets for cybercriminals and has been the victim of a series of high-profile data breaches in the past months. Reports suggest that Indonesia suffered over 11 million cyberattacks in the first quarter of 2022, a 22% increase from last year," Cyble said.


About the Author

Jayant Chakravarti

Jayant Chakravarti

Senior Editor, APAC

Chakravarti covers cybersecurity developments in the Asia-Pacific region. He has been writing about technology since 2014, including for Ziff Davis.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.