conti attacks Bank of Indonesia

Incident Date:

January 20, 2022

World map

Overview

Title

conti attacks Bank of Indonesia

Victim

Bank of Indonesia

Attacker

Conti

Location

Gambir, Indonesia

Jakarta, Indonesia

First Reported

January 20, 2022

Conti Ransomware Attack on Bank Indonesia

Bank Indonesia, the central bank of Indonesia, has been targeted by the Conti ransomware group, as announced on their dark web leak site. The bank operates in the finance sector and has a website at http://www.bi.go.id/. The attack was confirmed by the bank's Head of Communications, Erwin Haryono, who stated that the attack took place last month and that the bank has conducted an assessment of the attack.

Bank Indonesia is a significant financial institution in Indonesia, with a strong presence in the country's financial sector. The bank's size and influence make it a valuable target for cybercriminals, as a successful attack could potentially disrupt financial services and cause significant damage to the bank's reputation.

The Conti ransomware group, also known as Wizard Spider, is a Russian-based organization that has been involved in numerous high-profile attacks, including the SolarWinds cyberattack in 2020. The group is known for stealing files, encrypting servers and workstations, and demanding ransom payments to restore stolen data.

The attack on Bank Indonesia highlights the need for robust cybersecurity measures to protect against ransomware attacks. Organizations should prioritize incident response planning, automate identity governance, secure non-human identities, and ensure that systems and software are kept up to date.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.