Incident Details

Incident: Government Website of Indonesian Ministry of Communication and Information Hacked

Published Date: 2022-07-27

Postmortem Analysis
Timeline	1. The software failure incident happened on July 23, 2022. [Article 130276]
System	1. Penyelenggara Sistem Elektronik (PSE) website owned by the Ministry of Communication and Information Technology (Kominfo) failed to ensure security measures, leading to a breach by hackers [130276].
Responsible Organization	1. The Ministry of Communication and Information Technology (Kominfo) was responsible for causing the software failure incident reported in Article 130276. The security consultant highlighted the poor infrastructure and security of the electronic system provider's website owned by Kominfo, making it vulnerable to hacking [130276].
Impacted Organization	1. The Ministry of Communication and Information Technology (Kominfo) was impacted by the software failure incident as their electronic system website was hacked [130276].
Software Causes	1. Lack of proper security measures and infrastructure in the electronic system website owned by the Ministry of Communication and Information Technology, making it vulnerable to hacking [130276]. 2. Inadequate development and implementation of secure applications, leading to easy access for hackers to manipulate and breach the system [130276]. 3. Failure to ensure the website's security despite a significant budget allocation of nearly Rp1 trillion for the procurement of the website, indicating a lack of robust security measures [130276].
Non-software Causes	1. Lack of proper infrastructure security: The expert mentioned that the infrastructure of the electronic system owned by the Ministry of Communication and Information Technology was considered very poor, making it easy to hack [130276]. 2. Inadequate website development practices: Despite a significant budget allocation of nearly Rp1 trillion for the website, the quality of the website was questioned, indicating potential issues with the development process [130276]. 3. Regulatory issues: The rejection of the regulations by some individuals on social media, particularly related to certain problematic clauses in the regulations, could have contributed to the failure incident [130276].
Impacts	1. The software failure incident resulted in the compromise of the Ministry of Communication and Informatics' electronic system website, allowing unauthorized access to sensitive data and the ability to upload, modify, and manipulate information [130276]. 2. Users or the public were unable to access the website following the breach, with a notification displaying an error on the user's side [130276]. 3. The incident raised concerns about the security and quality of the website, questioning the effectiveness of the nearly Rp1 trillion budget allocated for its development [130276]. 4. The breach highlighted the ease with which the website could be hacked, indicating significant vulnerabilities in the system's infrastructure [130276]. 5. The failure led to calls for audits by bodies such as the Badan Pemeriksa Keuangan or Badan Pengawas Keuangan dan Pembangunan to assess the situation [130276].
Preventions	1. Implementing robust cybersecurity measures and regularly conducting security audits could have prevented the software failure incident [130276]. 2. Ensuring proper infrastructure and system design to prevent easy exploitation by hackers could have mitigated the risk of the breach [130276]. 3. Prioritizing secure coding practices and conducting thorough testing to identify and fix vulnerabilities before deployment could have enhanced the security of the system [130276]. 4. Following best practices for website development and security standards to create a more resilient and secure platform could have reduced the likelihood of a successful attack [130276].
Fixes	1. Conduct a thorough security audit of the electronic system infrastructure to identify vulnerabilities and weaknesses that allowed for the breach [130276]. 2. Implement robust security measures and protocols to enhance the overall security of the system, such as encryption, multi-factor authentication, and regular security updates [130276]. 3. Enhance the training and awareness of staff members responsible for maintaining and monitoring the system to prevent future breaches and unauthorized access [130276]. 4. Address the underlying issues in the system's design and development process to ensure that security is prioritized from the beginning of the software development lifecycle [130276]. 5. Consider revising and updating regulations related to electronic system management to address potential loopholes and improve cybersecurity standards [130276].
References	1. Expert in cybersecurity and founder of Ethical Hacker Indonesia, Teguh Aprianto [Article 130276]

Software Taxonomy of Faults

Category	Option	Rationale
Recurring	one_organization	(a) The software failure incident having happened again at one_organization: The incident of the website of the Ministry of Communication and Information Technology (Kominfo) being hacked is a significant software failure incident that occurred within the same organization [130276]. The security of the website was compromised, allowing unauthorized access to the system. The hacker was able to manipulate data and even upload content, highlighting a serious breach in the system's security measures. This incident raises concerns about the quality and security of the website, especially considering the substantial budget allocated for its development. (b) The software failure incident having happened again at multiple_organization: There is no information in the provided article about the software failure incident happening again at other organizations or with their products and services.
Phase (Design/Operation)	design, operation	(a) The software failure incident related to the design phase is evident in the article. The incident occurred due to the poor infrastructure of the electronic system owned by the Ministry of Communication and Information Technology (Kominfo), which made it vulnerable to hacking. The consultant and founder of Ethical Hacker Indonesia, Teguh Aprianto, highlighted that the hackers were able to breach the system easily by manipulating a small part of the system on the website, granting them access as administrators. This design flaw in the system's infrastructure allowed for unauthorized access and manipulation of data [130276]. (b) The software failure incident related to the operation phase is also apparent in the article. The hackers were able to disrupt access to the Penyelenggara Sistem Elektronik Kominfo website, displaying an error message on the screen stating "kesalahan di sisi user" (error on the user side). This indicates that the failure was experienced during the operation of the system, preventing users from accessing the website as intended [130276].
Boundary (Internal/External)	within_system, outside_system	(a) The software failure incident reported in Article 130276 is within_system. The incident involved the hacking of the electronic system website owned by the Ministry of Communication and Information Technology (Kominfo). The security expert questioned the security of the website, stating that the infrastructure was very poor, making it easy to hack. The hacker accessed the system as an admin by manipulating a small part of the system within the website. The incident highlighted the vulnerability of the system due to its poor quality and lack of proper security measures [130276].
Nature (Human/Non-human)	non-human_actions, human_actions	(a) The software failure incident in this case occurred due to non-human actions, specifically a breach by a hacker who accessed the Penyelenggara Sistem Elektronik Kominfo website on July 23. The hacker was able to manipulate the system and gain admin access easily due to the poor infrastructure and security of the website [130276]. (b) The software failure incident also involved human actions as the hacker intentionally breached the website out of curiosity and to highlight the vulnerabilities in the system. The hacker pointed out the lack of proper security measures and urged Kominfo to prioritize creating a secure and functional application before requiring electronic system providers to register. Additionally, there were concerns raised about the quality of the website given the substantial budget allocated for its development [130276].
Dimension (Hardware/Software)	software	(a) The articles do not provide information about the software failure incident occurring due to hardware issues [130276]. (b) The software failure incident reported in the article is attributed to contributing factors originating in software. The incident involved the hacking of the electronic system website owned by the Ministry of Communication and Information Technology (Kominfo). The security consultant and founder of Ethical Hacker Indonesia, Teguh Aprianto, highlighted that the website's infrastructure was poorly designed, making it easy to hack. The hacker accessed the system as an admin by manipulating a small part of the system within the website. This incident showcases a software failure due to vulnerabilities in the software system [130276].
Objective (Malicious/Non-malicious)	malicious	(a) The software failure incident reported in Article 130276 is considered malicious. The incident involved a breach of the electronic system owned by the Ministry of Communication and Information Technology (Kominfo) by a hacker who accessed the system as an admin and left a message criticizing the security of the website. The hacker mentioned that the breach was done out of curiosity and not with malicious intent. However, the breach allowed unauthorized access to sensitive data, demonstrating a malicious act aimed at exposing vulnerabilities in the system [130276]. (b) The incident described in the article does not align with a non-malicious software failure.
Intent (Poor/Accidental Decisions)	poor_decisions	(a) The intent of the software failure incident was due to poor_decisions. The incident involved the hacking of the electronic system website owned by the Ministry of Communication and Information Technology (Kominfo). The security expert questioned the security of the website, which had a budget of nearly Rp1 trillion, as the infrastructure was deemed very poor and easily hackable. The hacker accessed the site as an admin by manipulating a small part of the system, indicating poor security measures and decision-making in the development of the website [130276].
Capability (Incompetence/Accidental)	development_incompetence	(a) The software failure incident in this case can be attributed to development incompetence. The cybersecurity expert, Teguh Aprianto, criticized the security of the electronic system website owned by the Ministry of Communication and Information Technology (Kominfo) due to its poor infrastructure, making it vulnerable to hacking [130276]. He mentioned that the hacker who breached the site did so out of curiosity and not with malicious intent. The breach was facilitated by the poor quality of the website's infrastructure, allowing the hacker to access it as an admin with ease. Teguh emphasized that with the substantial budget allocated for the website (almost Rp1 trillion), it should have been much more secure and difficult to breach, highlighting the incompetence in the development of the website. (b) There is no specific mention of the software failure incident being accidental in the provided article.
Duration	temporary	The software failure incident reported in Article 130276 was temporary. The incident involved a breach of the electronic system of the Ministry of Communication and Information Technology (Kominfo) on July 23. The breach was described as being done out of curiosity and not with malicious intent. The breach allowed the perpetrator to access the system as an admin, leading to a notification of errors on the user side. The incident resulted in users or the public being unable to access the system, with a message indicating errors on the user side [130276].
Behaviour	crash, value, other	(a) crash: The software failure incident described in Article 130276 can be categorized as a crash. The incident involved a breach of the electronic system website owned by the Ministry of Communication and Information Technology (Kominfo), leading to the system being hacked and inaccessible to users. The breach resulted in users being unable to access the website, with an error message displayed on the screen indicating "kesalahan di sisi user" (error on the user side) [130276]. (b) omission: There is no specific mention of the software failure incident in the articles being related to omission. (c) timing: There is no specific mention of the software failure incident in the articles being related to timing. (d) value: The software failure incident in Article 130276 can be associated with a failure in value. Despite the significant budget allocated for the procurement of the electronic system website (almost Rp1 trillion), the system was easily hacked, indicating a failure in delivering the expected value in terms of security and robustness. The breach allowed unauthorized access to sensitive data and the manipulation of information within the system [130276]. (e) byzantine: There is no specific mention of the software failure incident in the articles being related to a byzantine failure. (f) other: The software failure incident in Article 130276 can be characterized by a lack of robustness and security in the system, leading to a breach that compromised the integrity and availability of the website. The incident highlights a failure in ensuring the system's resilience against external threats and unauthorized access, emphasizing the importance of cybersecurity measures in software development and maintenance [130276].

IoT System Layer

Layer	Option	Rationale
Perception	None	None
Communication	None	None
Application	None	None

Other Details

Category	Option	Rationale
Consequence	theoretical_consequence	(a) death: People lost their lives due to the software failure (b) harm: People were physically harmed due to the software failure (c) basic: People's access to food or shelter was impacted because of the software failure (d) property: People's material goods, money, or data was impacted due to the software failure (e) delay: People had to postpone an activity due to the software failure (f) non-human: Non-human entities were impacted due to the software failure (g) no_consequence: There were no real observed consequences of the software failure (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur (i) other: Was there consequence(s) of the software failure not described in the (a to h) options? What is the other consequence(s)? The articles do not mention any consequences related to death, harm, basic needs, property loss, or non-human entities due to the software failure incident reported. The primary consequence discussed in the articles is the potential risk posed by the breach in terms of data security and manipulation [130276].
Domain	government	The software failure incident reported in Article 130276 is related to the government sector. The failed system was the website of the Ministry of Communication and Information Technology (Kominfo) in Indonesia, specifically the Penyelenggara Sistem Elektronik (PSE) website. This system was breached by hackers, leading to concerns about the security and quality of the infrastructure ([130276]).

Sources

Situs PSE Kominfo senilai hampir Rp1 triliun diretas: 'Anggaran sefantastis itu kok kualitasnya buruk?' - BBC.com - Published on: 2022-07-27
Article ID: 130276

Back to List