As Indonesia embraces digital transformation, the frequency and scale of cyber attacks is growing rapidly. The National Cyber and Crypto Agency (BSSN) reported that from January to July 2025, Indonesia experienced over 2.37 billion cyber attacks. This staggering figure highlights how vulnerable the nation’s digital space is, even as the government and private sector push for digital transformation. This situation serves as a reminder that cybersecurity is no longer merely a technical issue but a pressing need to protect data, public services, and business continuity in the digital era.
Case Example: Cyberattack on Pusat Data Nasional (PDN)
One major incident that drew significant public attention was the cyberattack on Pusat Data Nasional (PDN). This attack was carried out by the LockBit group using the Brain Chipper/LockBit 3.0 ransomware, causing severe disruptions to vital public services such as immigration, taxation, and population administration. An even more serious consequence was the potential leakage of millions of citizens’ personal data.
The incident was made possible due to critical weaknesses in the security system, including over-reliance on Windows Defender, absence of data backups and recovery plans, limited cybersecurity budgets, lack of strong regulations, and shortage of professional human resources. The attackers demanded a ransom of USD 8 million, which was rejected by the government, resulting in the stolen data being sold on the dark web.
This case illustrates that cyber threats are no longer merely technical issues, they directly affect people’s daily lives and pose a serious risk to national security. It emphasizes the urgent need for stronger cybersecurity measures in Indonesia.
Phishing
Phishing is a type of cyber attack that uses social engineering techniques. In these attacks, perpetrators impersonate trusted parties such as banks or government agencies through emails, SMS, or fake websites. The goal is to trick victims into revealing sensitive information like passwords, account numbers, or credit card details.
Phishing is one of the most widespread threats for internet users in Indonesia. In the first quarter of 2025 alone, there were 900,000 phishing incidents, which averages about 10,000 attacks per day. If this trend continues, the total number of phishing cases could exceed 3.6 million by the end of the year. According to BSSN, the rise in phishing attacks is driven by more people transacting online without adequate digital literacy, making it a serious threat to both individuals and organizational data.
Ransomware
Ransomware is a particularly dangerous type of malware. It works by locking or encrypting important files on a victim’s computer and then demanding a ransom to restore access. Ransomware attacks are increasingly sophisticated and widespread in Indonesia. According to Igor Kuznetsov, Director of the Global Research & Analysis Team (GReAT) at Kaspersky, Indonesia faced around 57,554 ransomware attacks in 2024, making it the country with the highest number of cases in Southeast Asia.
Distributed Denial of Service (DDoS)
DDoS attacks overwhelm a server or network with massive traffic, often from thousands or millions of compromised devices, causing the system to slow down or crash, preventing legitimate users from accessing services. Indonesia has become the largest source of DDoS attacks globally, surpassing Singapore and Hong Kong. Despite a decrease in blocked attacks globally, the volume remains 44% higher compared to the same period last year, showing that Indonesia’s digital infrastructure is still vulnerable.
Malware
Malware, or malicious software, is designed to infiltrate, damage, or take control of systems without the user’s knowledge. It can include viruses, trojans, spyware, and disguised ransomware. In Indonesia, malware remains a dominant threat. BSSN reported over 3.64 billion cyber attacks in the first six months of 2025, with roughly 83.68% categorized as malware-based, or about 3.05 billion incidents. Malware’s aggressive and fast-spreading nature makes it a serious threat capable of causing financial loss, data breaches, and disruption of public services.
Conclusion
In brief, Indonesia faces a massive increase in cyber attacks, with billions of incidents recorded in just the first few months of 2025. The most common types include phishing, ransomware, DDoS, and malware, posing risks to individuals, businesses, and public services. This rise is driven by low digital literacy, weak defense systems, and limited regulations and professional cybersecurity resources. Clearly, cybersecurity is no longer just a technical issue; it is a serious threat to daily life and national stability. To protect your business, invest in the right cybersecurity solutions to keep operations safe and well secured.
