Indonesia Is Hit by 3,300 Cyberattacks Every Week — And Most Go Undetected for Months

The Facts

The numbers from FalconFeeds.io's Indonesia incident tracking through the first half of 2024 are not easy to process: 3,300 cyberattacks per week, sustained across a six-month measurement window. That is roughly 470 attacks every day, across a country of 270 million people with one of the world's fastest-growing digital economies.

Indonesia's Badan Siber dan Sandi Negara (BSSN) — the National Cyber and Crypto Agency — publishes periodic incident data that broadly aligns with these external measurements. The government has acknowledged that both public and private sector organisations are being targeted at escalating frequency, and that the dark web contains numerous posts offering Indonesian government data for sale.

The 2024 acceleration is not coincidental. Indonesia's digital transformation has been aggressive — expanding e-government services, digital banking penetration, and internet connectivity to previously offline regions — without proportional security investment following the expansion. The attack surface grew faster than defences could adapt.

Complicating the picture is the detection lag. Across ASEAN, the average time between a breach occurring and the organisation detecting it is 187 days. Indonesia's enterprise security operations capacity — both in terms of security tools deployed and trained analysts available — means the actual detection lag may exceed this regional average.

Technical Deep-Dive

The 3,300 weekly attacks encompass a spectrum of severity: automated scanning for exposed vulnerabilities (the bulk of volume), web application attacks against government portals and e-commerce platforms, phishing campaigns targeting Indonesian banking customers, and more sophisticated targeted intrusions against high-value institutions.

Indonesia's government IT infrastructure represents a particularly concentrated target. The e-government push has centralised citizen data across platforms including the national identity database (Dukcapil), the national health insurance system (BPJS), and the general elections commission (KPU) — each of which has been subject to documented breach incidents in the 2021-2024 period.

The National Data Centre incident in June 2024 — where ransomware disrupted 282 government agencies' services simultaneously — demonstrated the risk of centralised government cloud infrastructure without adequate security controls. The attacker exploited Windows Defender configuration weaknesses to deploy the LockBit-3.0 Brain Cipher variant, disabling backup systems before encrypting production data.

The ASEAN Perspective

Indonesia's combination of scale, digital ambition, and security infrastructure gap creates a risk profile that concerns its ASEAN neighbours. Supply chain attacks on Indonesian manufacturers — with integrated connections to Singapore, Malaysia, Thailand, and Japan — mean that Indonesian organisations are potential entry points into regional corporate networks.

The PDP Law that came into force in October 2024 creates a legal framework requiring Indonesian organisations to protect personal data, report breaches, and appoint Data Protection Officers. The law is modelled in part on GDPR. However, the enforcement agency (Komisi Informasi and BSSN jointly) is still building its inspection and enforcement capability, meaning the law's practical impact on security investment will lag its legal requirements.

RECATOOLS Verdict

3,300 attacks per week against a single country is not a manageable number through reactive defences alone. The volume necessitates automated detection, response, and recovery — and Indonesia's journey toward that capability is measured in years, not months.

The PDP Law creates the legal scaffold. The BSSN provides the national coordination structure. What remains is sustained investment in enterprise and government security operations capability at a scale proportional to the attack surface.

Sources

• FalconFeeds.io Indonesia 2024 Attack Data
• Positive Technologies ASEAN Cyberthreats 2023-2024
• BSSN National Cybersecurity Reports 2024

FAQ

How many cyberattacks does Indonesia face? Between February and August 2024, Indonesia averaged approximately 3,300 cyberattacks per week, according to FalconFeeds.io tracking data.

What is Indonesia's BSSN? Badan Siber dan Sandi Negara — Indonesia's National Cyber and Crypto Agency, responsible for national cybersecurity policy and incident coordination.

What was the National Data Centre attack? A June 2024 ransomware attack using Brain Cipher (a LockBit variant) that disrupted services across 282 Indonesian government agencies simultaneously.

Does Indonesia have data protection law? Yes — Indonesia's Personal Data Protection Law (PDP Law) came into force in October 2024, creating GDPR-style obligations for organisations handling Indonesian personal data.

Why is the detection lag so high? Limited security operations capacity (tools and trained analysts) means Indonesian organisations often lack the monitoring capability to detect intrusions until visible operational impact occurs.