Cyber Incident Victim: Tirto.id
Date:
Aug 2020
Location:
Indonesia
Summary
Cyberattacks targeted media outlets including Tirto.id, resulting in website defacement, alongside social media account compromises affecting critics of Jakarta's COVID-19 response. SafeNet linked these incidents to previous digital attacks against government critics, while officials denied involvement and cautioned against premature attribution, suggesting possible third-party provocation to incite conflict between authorities and civil groups.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early August 2020, multiple cyberattacks targeted Indonesian media outlets and individuals critical of the Jakarta government’s COVID-19 response. Among the confirmed victims were news websites Tempo.co and Tirto.id, both of which experienced website defacement incidents. These attacks coincided with the hacking of University of Indonesia epidemiologist Pandu Riono’s Twitter account, part of a broader pattern documented by the Southeast Asia Freedom of Expression Network (SafeNet). SafeNet recorded six separate cyber incidents during August against high-risk groups including journalists, academics, and activists. The timing aligned with public criticism of government pandemic management policies. Attack methodology involved unauthorized access to digital platforms, with website defacements visibly disrupting normal operations. The incidents occurred shortly before an August 2 online discussion hosted by Ngobrol @Tempo where SafeNet executive director Damar Juniarto first publicly connected the attacks to government critics. Historical context revealed similar digital targeting during 2019 controversies involving Papuan issues and anti-corruption law revisions, establishing a pattern of attacks against dissenters.
The Communications and Information Ministry denied government responsibility for the August 2020 incidents, with Director-General Semuel Abrijani Pangerapan cautioning against premature attribution during an August 27 follow-up discussion. Ministry officials suggested third-party actors could be instigating conflict between civil groups and authorities while offering digital forensic assistance to victims. Media impacts included operational disruptions to Tirto.id and Tempo.co’s web presence during the defacements. Tempo Chief Editor Setri Yasra publicly condemned the interference with media operations following their breach, emphasizing institutional press accountability mechanisms through Indonesia’s Press Council. SafeNet’s documentation highlighted heightened risks for critics during politically sensitive periods, with the COVID-19 pandemic serving as the latest catalyst for targeted digital suppression. No technical details regarding attack vectors or specific defacement content were disclosed in public statements from affected organizations or government representatives.