The Reversal of the Brain Cipher Group after the Attack on Indonesia Terkoneksi

Pietro Melillo : 3 July 2024 15:44

In recent days, the ransomware group known as Brain Cipher severely hit the data center of Indonesia Terkoneksi, an attack that crippled the company’s technological infrastructure. However, in a surprising turnaround, the group decided to release the decryption keys for free. Here are the details of this complex and controversial incident.

Indonesia Terkoneksi

Indonesia Terkoneksi is an initiative by the Indonesian government through the Ministry of Communication and Informatics (Kominfo), aimed at improving and expanding the digital infrastructure throughout the country. The goal is to ensure a stable and accessible internet connection even in the most remote and disadvantaged areas of the country, contributing to Indonesia’s digital transformation.

The First Post: Justifying the Attack

The first post published by the Brain Cipher group on their deep web site aimed to answer the most frequent questions regarding the attack and the decision to provide the decryption keys for free. Here are the main points:

Autonomous Decision: The group emphasized that the decision to release the keys was not influenced by interventions from law enforcement or special services but was made independently.
Team Unity: Contrary to what one might think, there were no misunderstandings within the team; all members supported this decision.
Unique Event: This will be the first and last time a victim receives the keys for free. For all future attacks, victims will have to negotiate.
Attack Motivations: The attack targeted a data center to demonstrate the vulnerability of industries requiring significant investments. Brain Cipher stated that the ease with which they carried out the attack was surprising, managing to encrypt thousands of terabytes of data in a short time.
Negotiation Deadlock: The negotiations reached a deadlock when the other party handed over access to third parties, effectively ending direct communications.
Thanks to Citizens: Brain Cipher expressed gratitude to the citizens for their patience during the attack period.
Conclusion: The group requested the victim to officially confirm that the decryption key works and that the data has been restored, threatening to publish the data otherwise. They also provided detailed instructions on how to use the decryption key.

The Second Post: Public Statement

Scarica Gratuitamente Byte The Silence, il fumetto sul Cyberbullismo di Red Hot Cyber

"Il cyberbullismo è una delle minacce più insidiose e silenziose che colpiscono i nostri ragazzi. Non si tratta di semplici "bravate online", ma di veri e propri atti di violenza digitale, capaci di lasciare ferite profonde e spesso irreversibili nell’animo delle vittime. Non possiamo più permetterci di chiudere gli occhi". Così si apre la prefazione del fumetto di Massimiliano Brolli, fondatore di Red Hot Cyber, un’opera che affronta con sensibilità e realismo uno dei temi più urgenti della nostra epoca. Distribuito gratuitamente, questo fumetto nasce con l'obiettivo di sensibilizzare e informare. È uno strumento pensato per scuole, insegnanti, genitori e vittime, ma anche per chi, per qualsiasi ragione, si è ritrovato nel ruolo del bullo, affinché possa comprendere, riflettere e cambiare. Con la speranza che venga letto, condiviso e discusso, Red Hot Cyber è orgogliosa di offrire un contributo concreto per costruire una cultura digitale più consapevole, empatica e sicura. Contattaci tramite WhatsApp al numero 375 593 1011 per richiedere ulteriori informazioni oppure alla casella di posta [email protected]

Supporta RHC attraverso:

Se ti piacciono le novità e gli articoli riportati su di Red Hot Cyber, iscriviti immediatamente alla newsletter settimanale per non perdere nessun articolo. La newsletter generalmente viene inviata ai nostri lettori ad inizio settimana, indicativamente di lunedì.

In the second post, Brain Cipher further clarified their position and announced the decision to release the keys for free:

Public Statement: The group declared that they would release the keys at no cost the following Wednesday, hoping that the attack had demonstrated the importance of adequately funding the tech industry and hiring qualified personnel.
Apologies to Citizens: They publicly apologized to Indonesian citizens for the impact of the attack, emphasizing that it had no political context but was a penetration test with post-payment.
Request for Gratitude: They requested public gratitude and confirmation that the decision was made consciously and independently. If the government finds it inappropriate to publicly thank the hackers, they can do so privately.
Donations: They left a Monero address for potential donations, hoping to receive something in return for the key provided for free.

Final Considerations

The attack by Brain Cipher on Indonesia Terkoneksi and the subsequent free release of the decryption keys represent an extraordinary event in the world of ransomware. Although the group tried to justify their actions as a way to highlight the need for greater investments and skills in the tech industry, their motivations and the context of the attack remain questionable.

The tech industry and governments worldwide must learn from this incident, improving their cyber defenses and taking the threats posed by ransomware groups seriously.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"

Lista degli articoli