These days we are presented with viral, shocking and also shocking news. Yes, news about the success of (or perhaps a group) of hackers calling themselves Gorka (inet.detik.com, September 13, 2022). Really surprising, because this hacker is not limited to breaking into ordinary data.
The data of senior officials in this country has also been leaked by this hacker. I don’t know what his intentions (or their goals) are, nor do we need to guess. However, the government did not keep silent. President Jokowi also formed a special team to follow up and fight against Bürka CS (cnbcindonesia.com, September 13, 2022).
The National Internet and Password Agency (BSSN) has also moved to track and follow the identity of this hacker. However, this data leak is one of the clear evidence that the government’s cyber defense is relatively weak (cnnindonesia.com, September 13, 2022).
Apparently, the phenomenon of hacker attacks and government data leakage has occurred several times in this country. Citing cnnindonesia, cyberattacks on government websites have occurred at least four times, namely Brasil Son1x666 which hacked the Polri website, ZYY and Lutfiefake who hijacked the Secretariat website, CJ 77 which hacked KPAI data, and Mustang Panda who attacked the BIN website . (cnnindonesia.com, September 14, 2022).
I don’t mean to be pessimistic, we may just be wondering why hackers have hacked into servers of government institutions. Shouldn’t these servers have extra security protection? How weak is the cybersecurity defense in this country? Again, we’re not in a pessimistic context, but what can we do to prevent this kind of thing from happening again and causing a stir in this country.
This case of personal data leakage has soured many government agencies. A good concern should be, because they are responsive and move quickly to secure the data on their sites and servers. KPU, for example, stated that the security of its data is guaranteed because KPU currently has beefed up the cybersecurity system on its websites and apps in order to prevent data leakage, especially ahead of the upcoming general elections.
KPU stated that it has formed the KPU Application Cyber Security Task Force. Then there is the OJK, which warns of potential data leaks in the insurance industry. Meanwhile, as a stakeholder in the context of information systems and technology in Indonesia, the Ministry of Communications and Information (Kominfo) has coordinated with the data control ecosystem, namely Cybercrime Polri, Directorate General of Civil Registration, Ministry of Internal Affairs, BSSN, and all telephone operators Cellular in Indonesia (aptika.kominfo.go.id, September 7, 2022). The report states that 1.3 billion SIM card registration data were sold by BreachForums user Bjorka.
One of the loopholes that hackers exploited is the lack of legal certainty regarding the protection of user data in Indonesia. Therefore, apart from setting up a quick reaction team to deal with this data leakage situation, the government is also working on strengthening personal data protection rules.
The Personal Data Protection Act (RUU PDP) is reportedly currently being pursued for completion in the Democratic Republic of the Congo, and is one step away from ratification at the plenary session of the House of Representatives and Peoples (aptika.kominfo.go.id, September 13, 2022).
Well, from the government’s point of view, a lot has been done to overcome this case of data leakage and prevent it from happening again in the future. So how should we as individuals respond to this phenomenon? According to Ismail Fahmy, social media observer and founder of Drone Emprit, it is quite surprising that there are actually some people who think Bjorka is like a hero.
In fact, according to him, the case of data leakage is very serious. The public should be aware that our personal data circulating on the Internet is not something that can become a commodity. Despite the fact that the practice of selling personal data is not the only time this happens.
One study suggests that in the current era of big data, the personal information of each online user will easily be converted into data, commodified, and become a commodity in data manufacturing (Noor, 2022. Data Manufacturing: Between Data Transformation, Commodity, and Digital Infrastructure, Indonesian Journal Telecom, XI (2), 129-138).
It was stated in the article, that the practice of selling data by data brokers often occurs, as “data sellers” can easily obtain their goods via available data which is generated by internet applications and algorithms. In fact, data about users’ personal lives can be easily obtained from the algorithm, such as last location, username, contact number, friends network, etc. (Noor, 2022. p. 132).
As a simple example, when we were just talking about the lunch menu with our friends at the office, suddenly a notification appears on the gadget about a favorite restaurant near our location. So in this context, we may realize that we cannot be completely “free” in today’s internet age.
Moreover, from another perspective, we can see that a very large amount of data is presented to us. It’s like, all the data, whatever it is, is readily available for us to access on the Internet. The same goes for government organizations. All the data can be obtained relatively easily, organized and then collected into big data which can then be analyzed to make the right policies for the society.
Finance Minister Sri Mulyani Indrawati has stated that government organizations already have extraordinary data, both at the central and regional levels. Therefore, it is best to see that data as a useful asset (djpb.kemenkeu.go.id, November 10, 2021).
Therefore, it helps us to be more intelligent and careful in responding when a phenomenon occurs around us. It is not an interactive statement but leads to action or other negative feedback. It is more about how we handle this data leakage more wisely and not create controversy. Likewise, the public as individuals also need to be extra careful, particularly in the context of protecting their personal data.
We should not easily release our personal data when we open websites or play online games for example, because it may turn out that our data actually becomes a valuable commodity for them and can even be freely traded or leaked. Especially with other important data like usernames, passwords, passwords, password and other things related to our financial and banking applications, we must always maintain confidentiality.
Meanwhile, the government, as the regulator of the information system, needs to realize how important the personal data of people is. The government should also always be proactive in providing a protection system as well as a strong legal umbrella so that data leaks do not occur in this country.
In addition to information system service providers such as banks, insurance institutions, cellular operators, and social media providers, they must always maintain the security of data and information on the sites, servers, or applications that they create and provide to the public.
The author works for the Government Treasury Office in Banda Aceh. aThis article is the author’s personal opinion and does not represent the views of the organization in which the author is currently employed.