Financial Crime World

Cybercrime in Finance Industry Hits Indonesia Hard, Attack Rates Soar 252% Above Global Average

Indonesia has become a hotbed for cyber attacks, with financial institutions bearing the brunt of the onslaught. The finance and banking sector in Indonesia was hit by an astonishing 2,730 attacks every week on average over six months, a staggering 252% higher than the global average.

A Growing Concern

According to Check Point Software Technologies Ltd., a leading provider of cybersecurity solutions, the finance and banking sector is now the second most attacked industry in Indonesia, up from third place last year. The country’s financial institutions are particularly vulnerable due to attackers’ success rate, with criminals able to quickly grow their operations to exploit vulnerabilities before they can be addressed.

Mobile Banking Platforms Under Attack

Deon Oswari, Country Manager at Check Point Software Technologies, warned that the banking industry must remain vigilant and review its best practices to combat these sophisticated scams. “In Indonesia, we’re seeing increased attacks on mobile banking platforms and applications. It’s critical that FSI companies are aware of the threats and risks out there and take action to implement controls.”

Ransomware Attack on Central Bank

The Central Bank of Indonesia recently fell victim to a ransomware attack, with threat actors stealing non-critical employee data before encrypting systems. The bank’s network was affected, and renowned hacker organization Conti Ransomware claimed responsibility for the attack.

Phishing Emails: A Common Entry Point

Ransomware attacks typically begin with phishing emails, which Check Point Research discovered were responsible for 92% of malicious files distributed in Indonesia over the past 30 days. A single employee opening a link can hold an entire business hostage.

Combatting Cyber Threats

To combat these threats, Oswari emphasized the importance of:

  • Threat Intelligence: Staying informed about emerging threats and vulnerabilities
  • Quick Reaction Capabilities: Responding quickly to attacks before they cause significant damage
  • Comprehensive Security Solutions: Implementing proactive threat elimination, managed security services, and incident response capabilities

Government Efforts to Strengthen Cybersecurity

The Indonesian government has also taken steps to strengthen cybersecurity in the financial sector. The Financial Services Authority (OJK) has urged FSI companies to improve risk management and information technology governance, while unveiling a plan to support the development of digital banking and reinforce cybersecurity laws and policies by 2025.

Best Practices for Cybersecurity

However, many businesses struggle with patchwork security solutions that fail to address vulnerabilities and result in significant overhead. Instead, Oswari recommends:

  • Maintaining Security Hygiene: Regularly updating software and systems
  • Implementing Least Privilege Principles: Limiting access to sensitive data and systems
  • Taking a Preventative Approach: Focusing on prevention rather than reaction
  • Addressing All Attack Vectors: Protecting against multiple types of attacks
  • Keeping Threat Intelligence Up to Date: Staying informed about emerging threats and vulnerabilities