TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Popular Reads
Top Results
No results found. Please check your search term and try again
Can't find what you're looking for?
View all search results
Popular Reads
Top Results
No results found. Please check your search term and try again
Can't find what you're looking for?
View all search resultsAnalysis: Cybersecurity breaches on major securities firms raise alarm
Change text size
Gift Premium Articles
to Anyone
Share the best of The Jakarta Post with friends, family, or colleagues. As a subscriber, you can gift 3 to 5 articles each month that anyone can read—no subscription needed!
Indonesia’s national security architecture is susceptible to multiple kinds of digital intrusions, from espionage, cybercrime, cyber-attacks and even cyber warfare. (Shutterstock/File)
T
wo major Indonesian securities firms, NH Korindo Sekuritas and Trimegah Sekuritas, fell victim to cyberattacks in May. NH Korindo managed to fend off the attack before any funds were withdrawn, limiting the damage to operational disruptions. Trimegah, however, wasn’t as fortunate. Losing an estimate of Rp 200 billion (US$12.3 million) from the breach.
The proximity of these two cybersecurity breaches, taking place so close together in time, raised alarms across the industry. In response, the Indonesian Securities Companies Association (APEI), in collaboration with the Indonesia Stock Exchange (IDX), sent formal letters to securities companies operating in Indonesia. These letters strongly urged the companies to immediately enhance and upgrade their cybersecurity systems to better guard against future cyberattacks of a similar nature.
Trimegah’s breach occurred on May 31, during the extended market holiday for Ascension Day that began on May 29. The timing proved critical as Trimegah’s response was delayed, giving the hackers a head start. Sources say the attackers gained access through the app’s application programming interface (API), which they manipulated to send fraudulent fund transfer instructions to the custodian bank. These instructions directed the bank to move money from customer fund accounts (RDN) to third-party bank accounts. Because these instructions appeared to come from legitimate customers, they were approved without suspicion.
Despite the scale of the breach, Trimegah's top brass acted quickly behind the scenes. Insiders revealed that the company’s owners personally covered the missing funds before markets reopened. By Monday morning, June 2, the shortfall had been resolved as if nothing had happened.
Initially, Trimegah appeared to want to keep the incident under wraps, likely to protect its reputation. But when APEI began sending out security advisories, questions were raised within the market, and curiosity grew around what had triggered the alerts.
NH Korindo’s attack, meanwhile, happened earlier on May 19. As in the Trimegah case, hackers breached the API of NH Korindo’s NAIK app. However, NH Korindo’s quick decision to shut down the app entirely helped contain the situation. Both the hackers and customers were locked out for about a week, until May 27, but ultimately, no company funds were lost.
The back-to-back breaches have since pushed some brokerages to tighten their security policies. Sucor Sekuritas, for instance, has updated its fund withdrawal procedures. Custodian banks are now only allowed to transfer funds from a customer’s RDN to bank accounts registered under the same customer’s name. Any request to transfer money to a third-party account is automatically rejected. While the move is meant to bolster protection, some customers have complained that the change is inconvenient.
