The country has established the Indonesian Aviation Sector Computer Security Incident Response Team (IAS-CSIRT) to strengthen cybersecurity. The team will report to the Ministry of Transportation’s Director General of Air Transportation.
To anticipate system vulnerabilities, identify opportunities for bad actors to exploit, and reduce the risk of cyber incident threats, the aviation sector required a dedicated cybersecurity team. The CSIRT will regularly publish information on vulnerabilities, security, and new technology trends. The team is also prepared to face various escalating challenges. Members of the CSIRT will be trained through cyber drills and workshops.
The team is in charge of receiving, reviewing, and responding to cyber incident reports and activities with the function of providing reactive services by performing incident coordination, incident triage, and incident resolution.
During the IAS-CSIRT inaugural speech, the Deputy for Cybersecurity and Economic Cryptography of the National Cyber and Crypto Agency (BSSN), Markos, said that the aviation industry increasingly relies on digital technology for flight operations, ground services, communications navigation and surveillance, airport infrastructure, air traffic management, and supply chain.
Therefore, cybercrime prevention and management are crucial for many parties, including aviation service providers. F. Budi Prayitno, the Director of Aviation Security at the Ministry of Transportation, outlined the importance of cyber defence since cybercrime has resulted in considerable losses across sectors. “Effective cyber-crime prevention and management necessitate the collaboration of various cyber security stakeholders who already have a CSIRT,” said Budi. The BSSN contributed to the formation of the IAS-CSIRT.
Markos hopes that the IAS-CSIRT will be able to collaborate, synergise, and share information with various stakeholders and other cybersecurity constituencies in Indonesia, particularly in the handling and recovery of cyber incidents.
BSSN wants other sectors to form a CSIRT as well. The IAS-CSIRT was established for the first time (IIV) following the issuance of Presidential Regulation 82 of 2022 concerning the Protection of Vital Information Infrastructure. Sector IIV prioritises the CSIRT because it manages various strategic information assets related to community survival, national stability, and sovereignty.
Before the inauguration, BSSN signed a memorandum of understanding (MoU) and cooperation agreement with state-owned Aviasi Wisata Indonesia (InJourney Group) to support the tourism industry. In addition, cooperation on information protection and electronic transactions intends to improve the quality of information protection and electronic commerce.
The agreement’s scope includes information and communication technology security, the use of electronic certificates to improve electronic transaction security, the improvement and development of human resources, the exchange of information, and cybersecurity campaigns and literacy.
At the signing ceremony, the Head of the National Cyber and Crypto Agency (BSSN), Hinsa Siburian, emphasised the importance of synergy and collaboration to recover the Indonesian aviation and tourism industry through a reliable and safe digital transformation.
Furthermore, between January and November 2022, BSSN detected over 1.14 million traffic anomalies across all InJourney Group assets. BSSN said the most anomalies were discovered in August, with 235,742 events.
The collaboration is expected to make digital information transactions and exchanges more secure and leak-proof. The rapid advancement of digital technology presents an opportunity for Injourney to gain trust and confidence in the Indonesian tourism industry. However, as a result, it must be balanced with maximum data, information, and electronic transaction security.