Indonesia gov ransomware chaos may be over after hack group apologizes and says it has shared decrypt keys

Jakarta Indonesia
(Image credit: Shutterstock)

Ransomware group Brain Cipher has announced that it will reveal its decrypt keys in the wake of a ransomware attack it conducted against Indonesia’s Temporary National Data Center (PDNS). German tech site Golem.de reported the news after the group posted the key, along with instructions on how to decrypt the data, on its website.

“We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists,” the group said Monday. “Our attack did not carry a political context, only a pentest [penetration test] with post payment.”

Brain Cipher even apologized to the wider Indonesian citizenry saying, “Citizens of Indonesia, we apologize for the fact that it affected everyone.” The group claims that it made this move of its own accord, with no prodding from any government agency. Nevertheless, it’s asking for public gratitude for its ‘generous’ action while simultaneously sharing a Monero address for donations.

After it released the decryption keys, Brain Cipher said, “We will wait until the second party [the Indonesian government] has officially confirmed that the key works and the data has been restored.” It will then delete its copy of the data, after verifying that Indonesia’s data centers are accessible again.

This massive ransomware attack has been a major headache for Jakarta, especially after it noticed that the two affected data centers, which house the information for over 230 public agencies, did not have backups available. The group demanded 131 billion Rupiah, or about US$8 million, to release the decryption key. However, even though the government had no backups of its data, it said that it would not pay the ransom.

Indonesia has yet to acknowledge this development or release a statement regarding the attack on its data center as of the time of writing, so we can't be certain that the decrypt keys work. After all, many ransomware attackers are known to accept payment from their victims but still refuse to release the decrypt key(s) for their data. Furthermore, this move by Brain Cipher might merely be an act of publicity for the group to gain some notoriety or donations. So, until Jakarta confirms that its data is safe and available again, we cannot believe that the decrypt key even works.

Jowi Morales
Contributing Writer

Jowi Morales is a tech enthusiast with years of experience working in the industry. He’s been writing with several tech publications since 2021, where he’s been interested in tech hardware and consumer electronics.

  • USAFRet
    Subtext:
    The Indonesian government found out who they were, went to their house, and threatened to break various parts of their bodies until they coughed up the decryption keys.
    Reply
  • OLDKnerd
    Well i am not the backing up kind of guy, but then again i don't really have anything to loose but the time it take to format and reinstall system.
    On a gooberment level seeing as Denmark are one of the most digitized countries in the world, i am extremely worried CUZ i have not in my 60 years of living seen my gooberment make a WIN on anything digital.
    Reply
  • bit_user
    USAFRet said:
    Subtext:
    The Indonesian government found out who they were, went to their house, and threatened to break various parts of their bodies until they coughed up the decryption keys.
    Pretty much what I thought, except that I'd guess they're based in a different country and Indonesia reached out to the host country to put the squeeze on the group.

    If they were dumb enough to actually be within direct reach of the Indonesian government, then we'd be hearing about a police raid and not a diplomatic-sounding announcement put out by them. So, that tells me they're operating in a country with tacit approval of their activities by the government, except when they put a toe across the wrong political boundary.
    Reply
  • watzupken
    This story makes no sense to me whatsoever. Whoever hacked the Indon government for the purpose of making money I believe, had the perfect opportunity to do just that because they have no backup. Instead they apologized to the government and gave them the decryption key. Wow. Makes me wonder if this is all staged...
    Reply
  • OLDKnerd
    Hehe well i have visited that part of the world several times, and while people are very nice, make no mistake they can also turn nasty.
    I still and always will have the scars to prove that, but of course when you cone with the purpose i did one of the times, well some cuts are to be expected.
    I am just glad it was not my pretty face that got slashed.
    If the choice are hand over key or broken arms, well when it have come to that i would prefer to hand over key.

    Mind you i have nothing good to say about hackers, which i find to be some of the most low life creatures on earth.
    Reply
  • bit_user
    watzupken said:
    This story makes no sense to me whatsoever. Whoever hacked the Indon government for the purpose of making money I believe, had the perfect opportunity to do just that because they have no backup. Instead they apologized to the government and gave them the decryption key. Wow. Makes me wonder if this is all staged...
    A lot of hacking groups operate in certain countries where they have the tacit permission by their government. If Indonesia figured out where the hackers are located and contacted that government, they could've threatened to shut down the hackers. To me, that seems like a more plausible explanation for the climb-down.
    Reply