By Hidayat Setiaji
JAKARTA (Reuters) – The central banks of Indonesia and South Korea have been hit by cyber attacks on their public websites since activist hacking group Anonymous pledged last month to target banks across the world, senior officials in the two countries told Reuters.
In response to the attempted hacks, Bank Indonesia (BI) has blocked 149 regions that don’t usually access its website, including several small African countries, Deputy Governor Ronald Waas said in an interview late on Monday.
He said several central banks were hit by similar attacks and were sharing the IP addresses used by the perpetrators.
Central banks have been on high alert in the wake of revelations that hackers issued fraudulent money transfers to steal $81 million from the Bangladesh central bank in February.
No money was lost in the attacks on Bank Indonesia and the Bank of Korea, which were mainly DDoS (Distributed Denial of Service) attempts, the officials said.
There was no word on who the hackers were.
Waas said the cyber attacks were unsuccessful because of the cooperation between central banks.
“There is regional cooperation between central banks. Those who have gotten hit are sharing their experiences,” he said.
Anonymous, a loosely associated international network of activists and hackers, originated in 2003. It said in a YouTube video posted in early May that it would launch a 30-day campaign to attack central bank sites in what it dubbed as Operation Icarus.
DDoS is its preferred method of attack, disabling websites by flooding them with internet requests, overwhelming the servers temporarily. Sometimes the hackers succeed in gaining access to data, but rarely do they penetrate more critical systems in such attacks.
Bank of Korea officials told Reuters there was at least one DDoS attack on the bank’s website in May. No harm was done, they said.
“In May, we’ve had so many disturbances,” Benny Sadwiko, who is leading Bank Indonesia’s cyber security efforts, told Reuters.
“They are trying to attack the reputation of the banks. So we’re blocking IP addresses from countries that don’t usually access us.”
In just half a day on Monday, Bank Indonesia detected 273 viruses and 67,000 spam emails to its email server and website, officials said.
In early May, Greece’s central bank said that its website became the target of a cyber attack by Anonymous for a few minutes before the bank’s security systems managed to tackle it. The Central Bank of Cyprus has also said its website briefly came under attack in May.
(Additional reporting by Christine Kim in Seoul; Writing by Gayatri Suroyo; Editing by Randy Fabi and Raju Gopalakrishnan)