In Indonesia, the fact is that most corporations are still relatively unaware of the importance of website security. This has seen an increase in many skilled hackers causing a variety of security incidents throughout Indonesia, as well as on an international level. It is extremely important to make sure that your website's security is thoroughly up to date, as revealed by a professional with a deep understanding of how cyber hacking/software vulnerability works. This is due to hackers having a similar mindset in regards to finding security holes to exploit. If hackers do succeed in breaking through your security systems, there could be a variety of risks other than your website being hacked into; additionally, your website/business could be used to conduct criminal activities, thereby covering the perpetrators tracks in the process. This is one of many reasons why improving your website’s security is a must, even for relatively simple websites.
An Indonesian Airline had once become the victim to a cyber-attack, resulting in the leakage of
important passenger data. The data leakage stemmed from two sources, the first of which
contained 21 million articles of data, and the other, 14 Million. Indonesian telecommunications
companies have previously fallen victim to cyber-attacks using web-defacing techniques. ‘Web
defacing’ changes the appearance of a website, altering its main page, index file and other
pages that are still bound to the website’s URL.
Several Cyber-Security incidents have occurred, not only to corporate entities, but also against government agencies. Based on data obtained from the CSIS (Center for Strategic and International Studies), there are many state-run institutions worldwide that have experienced such cyber-attacks, notably several US Cancer Research agencies that were hacked into in order to retrieve information related to the latest data in regards to developments in the study of cancer. North Korean Hackers have also carried out phishing attacks on foreign officials, aiming to decipher nuclear related information. The Indonesian General Election Commission had also reported Hackers from China and Russia had previously examined the database of Indonesian voters before the presidential and legislative elections were held.
Presently, as many as 74% of companies have over 1000 highly sensitive files stored within their
archives. 21% of which often lack capable protection, thereby being vulnerable in becoming the
victims of hacking. Additionally, 41% of companies commonly store over 1000 sensitive files that
are not well protected. These can include credit card cumbers and other financial records.
Furthermore, based on Varonis’ data, 65% of companies have 500 users who have never changed their passwords. In fact, based on a study conducted by the Ponemon Institute in 2017, as many as 69% of organizations do not believe that Anti-Virus Software can help solve a data breach related threat. Hackers have various techniques to hack and access important company data. In lacking good cyber security, both large and small companies can fall victim to all kinds of cyber-attacks. This happens because every business has assets criminals may seek to exploit. Sometimes assets are in the form of money, financial information, personal information of staff and customers, or even business infrastructure.
Businesses are now ample targets in the eyes of cyber hackers and data thieves. The reason for this is clear: a massive amount of sensitive data has now been digitized in order to adapt to the New Normal policies, therefore cyber criminals have expanded their activities in response.
Recent trends suggest that there exists a strong link between a growing culture of cyber hacking and the onset of Covid-19. This is due in large part to the natural growth in digital transformation across the world, currently accelerated by the spread of Covid 19. In essence, with the new challenges presented by the worldwide pandemic, businesses have sought to adapt to the “New Normal” mode of operations, thereby fast-tracking their rate of digitization. However, with this overall digital transformation comes a major risk. From phishing attacks, social engineering schemes to Credential Theft, almost every industry, big and small, has been bracing for a dramatic evolution in the world of cyber fraud. And one would be wise to adapt their business side by side to this evolution.
For example, tech advancements found in Cloud technology, the Internet of Things (IoT), Big Data and other tools that optimize the strength of a company’s overall workflow have all of a sudden become a major point of weakness. This is due to the fact that such ubiquitous technologies require data storage to be transferred from an onsite to virtual basis, effectively solidifying the process of digital transformation within a business. However, one can see how having the majority (or even the entirety) of a company’s key data floating within the same environment as cyber criminals operate could be considered a major risk.
If your business, along with the majority of firms, has further sought to incorporate digital means into your corporate infrastructure, one should be aware that there is an increased risk that cyber fraud could befall your data. In fact, the chances are greatly increased in that face of further digitization, with the nature of cyberattacks increasing, for example, with a whopping 600% overall since the start of the aforementioned global crisis. The recent exploitation of video conferencing meetings is an indicator of this new trend; in 2020 alone, around half a million individuals experienced their video calls being hacked into, from which various articles of personal data had been stolen such as names, addresses, passwords, etc. Also, from the onset of the pandemic, phishing attacks have been up a full 15%, with a staggering 57 percent of organizations now seeing weekly to daily occurrences of phishing attacks (as reported by GreatHorn). A new variety of hackers are even incorporating highly advanced machine learning technology in order to remain hidden, as well as evolving their hacking techniques through the use of not just email, but also SMS and voice chat.
Therefore, it comes as no surprise that the demand for digital security in these overly tech-reliant times has been growing as well. In fact, Logique has been able to successfully protect itself through employing a professional team of highly experienced penetration testing experts. If your company is without this convenience, and is looking to prepare your own digital infrastructure against the increasingly likely chance of experiencing a data breach, feel free to contact us and book your company for a pentest.
We have performed security assessments on the websites of government organizations, financial institutions, e-commerce businesses as well as car manufacturers. In most cases, you will be shocked with the test results; however this will allow you to make note of the risk and thereby make an appropriate strategy against it. LOGIQUE will assist you in preventing such risks through the constant monitoring of security. While conducting penetration tests for various companies, we had subsequently discovered several security holes that required immediate patching up. Some examples of the bugs we had encountered are as follows:
|Time||Industry||Object of Assesment||Found Problems (Risk Level)|
|Sep - Oct 2019||Travel||Web app||5||4||2|
|Sep - Oct 2019||Media||Online Media||8||0||3|
|Sep - Oct 2019||Entrainment||Network infrastructure||4||2||1|
|Sep - Oct 2019||E-commerce||Market Place Web||8||4||4|
|Oct - Nov 2019||Forwarding||Website company profile||5||5||3|
|Oct - Nov 2019||E-commerce||Web app||6||0||2|
|Oct - Nov 2019||E-commerce||Web app||2||2||1|
|Oct - Dec 2019||E-commerce||Web app||53||1||0|
|Nov - Dec 2019||E-commerce||Mobile app for Android||2||2||2|
|Nov - Dec 2019||E-commerce||E-commerce||3||2||2|
|Nov - Dec 2019||E-commerce||E-commerce||2||2||1|
|Nov 2019||Fintech||Web app||1||2||3|
|Nov 2019||Fintech||Mobile app for IOS and Android||2||4||2|
|Dec 2019||Finance||Corporate Web||2||1||4|
|Dec 2019||Automotive||Corporate Web||4||0||2|
|Dec 2019||Service||Member web||3||4||3|
|Jan 2020||Fintech||Web App||0||2||0|
|Jan 2020||Fintech||Mobile App||1||8||1|
|Jan 2020||Fintech||Network Infrastructure||0||3||0|
|Feb 2020||Automotive||Network Infrastructure||0||0||1|
|Feb 2020||Service||Web App||0||4||1|
|Feb 2020||Mobilephone Provider||Web App||1||10||2|
|Mar 2020||Airline||Web App||0||4||1|
|Mar 2020||Financial Planner||Web App||4||1||2|
|Mar 2020||Travel||Web App||5||4||2|
|Apr 2020||Service||Network Infrastructure||0||1||2|
|Apr 2020||Service||Web App||0||1||3|
|May 2020||Insurance||Web App||4||4||1|
|May 2020||Insurance||Network Infrastructure||0||2||3|
|Jun 2020||Pharmacies||Web App||0||2||0|
|Jun 2020||Fintech||Web App||5||0||0|
|Sep 2020||Fintech||Web App||0||4||2|
|Oct 2020||Agriculture||Network Infrastructure||0||5||1|
Cyber Security Related Article
Cyber Security Trends of 2021
With the rapid modernization of society comes the mass adoption of a variety of new technologies. Currently, all entities from large to small corporations and ...
18 Juni 2021 | By krisna tegtmeier
Simple Steps to Protect Your Online Data
Privacy has been a central point for concern within the current age of digital technology. From keeping our data within brick-like hardware devices to storing ...
16 April 2021 | By krisna tegtmeier
Penetration Testing: How it can Save Your Business
Securing the safety of your company’s digital infrastructure should be among the top priorities on your list of to-dos, especially during this current Pandemic, where ...
23 November 2020 | By krisna tegtmeier
A Different kind of Virus: Hackers exploiting the Covid-19 Pandemic
The coronavirus outbreak is devastating many industries. But one industry seems to have found an opportunity in the chaos. That industry is ‘Hacking’. Indeed, with ...
09 April 2020 | By Feradhita NKD
Coronavirus Themed Malware that Erases and Steals Hard Drive Data
Experts have discovered a new type of malware that can steal and delete data from a user’s device. The virus purportedly attacks the Master Boot ...
09 April 2020 | By Feradhita NKD
Besides leveraging the skills of specialists who are certified and experienced in conducting Penetration Testing (Pentest) and Security Assessments, we also have specialists who are no less reliable in providing a variety of other services, such as Digital Marketing. LOGIQUE aims to assist your company in carrying out digital campaigns in regards to Search Engine Marketing (SEM), Content Marketing, Search Engine Optimization (SEO), Social Media optimization and others.
Our team can help your company maximise its performance within every channel used in the digital campaign being carried out. We can maximise your desired conversion rates through SEM services, as well as increase your overall organic traffic through applying various SEO improvements and achieve peak engagement through a variety of social media optimizations. So what are you waiting for? Immediately consult your business needs with us and our digital marketing team will strive to design the best strategy for you.
Website Security Testing White Paper
LOGIQUE has collaborated with PT Dtechcorp Konsultindo Prima (Dtechcorp Consulting), an experienced consulting agency registered with the BSSN (National Cyber & Crypto Agency) and KOMINFO (Ministry of Communication and Information Technology), so as to meet the needs & standards of the POJK-based information technology (IT) security auditing services. We also provide consultation services for any clients aiming to obtain an ISO certification.