Cyber Criminal in Indonesia is growing. Starting from Tokopedia data leak cases to the BPJS ones, Cyber Criminal have become a hot topic of discussion lately. Cyber Criminal is an issue that the wider community should know as an effort to mitigate risk.
“One of the impacts of data leaks that often occurs is the misuse of personal data, but currently the general public is still less concerned about this,” said Dr. Sri Suning Kusumawardani, lecturer at UGM DTETI, in a webinar with Cyberkata, Tuesday (25/5).
In the process of hacking data, Cyber Criminals are usually already in the target system for a long time, which is a matter of weeks or months. Many data extraction events are detected when the data have been sold. This can happen due to the lack of a system to detect attacks.
Meanwhile, in her brief interview, Suning explained that an agency or organization with a personal data management system must have data security governance and procedures in the event of a Cyber Criminal and need to have a simulation of risk mitigation. It is also important that an agency/organization has a system to detect attacks.
As a response measure toward the case of a data leak, Suning said we should immediately change email data on important accounts, such as bank accounts, use passwords of more than 12 characters, and activate security settings using 2-factor authentication.
“People should be aware of further attacks, such as getting SMS or calls asking for OTP codes, asking for credit card numbers, asking for personal data, and so on,” she said.
We can check https://haveibeenpwned.com and specifically https://perriksadata.com/bpjs/ for BPJS to find out whether our data has been leaked. Please note that checkdata.com solely contains sample data, so it only contains 1 million data.
Ismail, Co-Founder of Cyberkata, explained that the database that has already been spread should not only be mitigated individually but the government or related agencies must also take part in securing the data. There should be transparency related to this Cyber Criminal case to increase awareness in each individual.
“It’s time for the Personal Data Protection Law (PDP) to apply in Indonesia,” said Ismail.
Source: https://www.ugm.ac.id/id/berita/21176-langkah-mitigasi-kebocoran-data