Cyber Incident Victim: Universitas Jember
Date: May 2017
Location: Indonesia
Summary
The institution's library systems were compromised by the WannaCry ransomware, leading to operational disruptions. The attack encrypted data and demanded ransom payments, consistent with the malware's global propagation targeting vulnerable networks. This incident occurred amid widespread international infections affecting numerous organizations, though specific technical details about Universitas Jember's mitigation efforts remain undisclosed in available sources.
Description
On May 12, 2017, the WannaCry ransomware infected computer systems at Universitas Jember's library, encrypting critical data and rendering it inaccessible. The attack displayed ransom demands in the Indonesian language, instructing victims to pay in Bitcoin to regain access to their files. Library staff immediately disconnected affected computers from the university network upon detecting the encryption activity, preventing further spread across campus systems. The incident disrupted all digital library services, including electronic catalog access, digital repository systems, and internet-based research tools. This forced the library to revert to manual record-keeping processes for book loans and academic material distribution.

The university's IT department initiated containment protocols by isolating infected machines and scanning connected systems for vulnerabilities. Technical teams worked to restore operations using backup data stored on separate servers unaffected by the ransomware. Security patches were applied university-wide to address the EternalBlue vulnerability exploited by WannaCry. Universitas Jember collaborated with Indonesia's national cybersecurity response team to analyze the attack vectors and strengthen network defenses. The incident caused significant operational delays in academic services for several days while recovery efforts prioritized securing student records and research databases. University administrators issued campus-wide alerts about the threat and mandated system updates across all departments to prevent recurrence.
