PDNS Data Server hacked, it Professor talks about the importance of careful culture to maintain security systems
The temporary national Data center Server (PDNS) of the Ministry of Communications and Information Technology (Kominfo) suffered a Ransomware cyber attack since last Thursday (20/6/2024).
So that down and disrupt public services in various agencies that occur until now.
Responding to this, professor of Information Technology (IT) Prof. Marsudi Wahyudi Kisworo said that in the world of computer security there is no system that is guaranteed security.
He stressed the importance of a security awareness culture.
“In the world of computer security, in this world there is no system that is guaranteed to be safe, there are systems that have been hacked and systems that have not been hacked. In developed countries, it is said that every 3-5 seconds there is a hacking attempt,” said Prof Marsudi, Wednesday (26/6/2024).
That, he continued, is the same as a house. No matter how sophisticated home security is, no one wants to guarantee that someone’s home will not be burglaries, robberies, or meteor falls.
Also read: Need the best workforce for your business? Search here!
“So in security, the most important thing is security awareness culture aka culture of caution,” he explained.
Read Also: National Data Center attacked by Ransomware, Kominfo: 5 new public services recovered
In addition, the first professor in the field of IT in Indonesia confirmed that in the world of computer security, must always adhere to good security governance.
“For example, implementing various existing computer security standards, can reduce the likelihood of a security breach, at least reduce the impact if a security breach occurs. It’s the same with physical security such as securing a house or car,” he explained.
“Security governance includes risk analysis of what can happen, including security breach scenarios, actors, probabilities, and impacts,” he continued.
He added that risk management was carried out starting from equipment, for example to deter, defend, and detect, to procedures that must be carried out when a security breach occurs, for example emergency response officers to recovery.
The rector of Pancasila University also explained that bona fide institutions must have a comprehensive security plan, maybe even follow common standards.
“If you look at the incident with PDN, and several previous cases that I have handled, the absence of a good security plan is the cause when a violation occurs, it cannot be handled properly,” he said.
Also read: PDN attacked by Ransomware claimed to use Windows Defender feature, Kominfo: being investigated
BRIN’s Steering Board also gave an example, which most often happens is that there is no scenario when there is a hack and does not have a disaster recovery plan and does not even have a business continuity plan.
“Let alone that, many institutions, both government and private in Indonesia, do not have cyber risk assessment, just exhausted when it has been broken into,” he concluded.