Strengthening Cyber Defences in Developing Countries: Offensive and Adversarial AI Threats

In the advancing digital era, cyberattacks have become significant threats to various sectors in Indonesia.

Authors:Tuhu NugrahaandRaditio Ghifiardi

In the advancing digital era, cyberattacks have become significant threats to various sectors in Indonesia. Two types of cyberattacks that are increasingly prominent are offensive attacks and adversarial attacks. Offensive attacks use AI techniques to exploit vulnerabilities in computer systems and networks, while adversarial attacks aim to deceive or manipulate AI models with seemingly legitimate but harmful input data. Adversarial attacks need to be particularly watched due to the rapid adoption of generative AI, which can enhance these attack techniques.

The recent ransomware attack on the National Data Centre (PDN) in Indonesia highlights the vulnerabilities of our digital infrastructure. In this incident, hackers infiltrated the PDN system and demanded a ransom of IDR 131 billion. The fact that the password used was “Admin#1234” underscores the weaknesses in security practices that can be easily exploited by offensive attacks. Subsequent reports indicate that 239 institutions using PDN services were affected, including ministries, agencies, provinces, regencies, and cities.

The Growing Threats of Cyberattacks

The trend of increasing cyberattacks in developing countries, including Indonesia, indicates that the acceleration of digital transformation brings significant new risks. As more sectors adopt AI technology, the threat from adversarial attacks that manipulate AI models to produce incorrect predictions or classifications is becoming increasingly apparent. According to the 2023 Global Cybersecurity Report, developing countries are primary targets for cyberattacks, particularly those aiming to steal financial data. Indonesia ranks among the top 10 most targeted countries. The report highlights a 32% increase in cyberattacks on financial institutions in developing countries over the past year. This surge is attributed to the rapid digitization of financial services and the adoption of new technologies without adequate cybersecurity measures. Similarly, the 2023 Kaspersky Report highlights a significant increase in cyberattacks on critical infrastructure worldwide, including in developing countries like Indonesia. The report notes a 45% increase in ransomware attacks targeting government and healthcare sectors. This rise is linked to the vulnerabilities in outdated systems and the lack of comprehensive cybersecurity policies.

Figure 1:  Cybersecurity Perception and Preparedness: Business Executives vs. Cyber Leaders

The following chart compares the perception of threats and preparedness between business executives and cyber leaders based on the Global Cybersecurity Outlook 2022 report. It highlights key areas such as ransomware threats, integration of cyber resilience in risk management, confidence in cyber resilience, and the vulnerability of SMEs.

Cybersecurity Perception and Preparedness: Business Executives vs. Cyber Leaders (2022)

The following chart compares the perception of threats and preparedness between business executives and cyber leaders based on the Global Cybersecurity Outlook 2022 report. It highlights key areas such as ransomware threats, integration of cyber resilience in risk management, confidence in cyber resilience, and the vulnerability of SMEs.

Data Source: Global Cybersecurity Outlook 2022

Figure 2: Global Cyberattack Hotspots. This map shows the global distribution of cyberattacks, highlighting hotspots in developing countries.

Global Cyberattack Hotspots

The map below shows the hotspots for cyberattacks around the world, based on recent historical data. Countries like the USA, China, India, Brazil, Russia, and Indonesia have experienced a high number of cyberattacks, particularly in the form of phishing, ransomware, and state-sponsored hacking.

Data Sources:

Impact on Various Sectors

Cybersecurity has become a primary concern along with the acceleration of digital transformation across various sectors. AI offers enhancements in cybersecurity measures, making them more effective and efficient. AI can help in real-time threat detection, automated incident response, and enhanced threat analysis capabilities.

In the context of Indonesia and other developing countries, incidents like the ransomware attack on PDN highlight the importance of improving cybersecurity awareness and practices. The rapid adoption of generative AI adds to this complexity, making it crucial for organizations to take proactive steps in securing their systems against offensive and adversarial AI threats.

Sector Vulnerabilities in Indonesia

In Indonesia, several sectors are most vulnerable to offensive and adversarial attacks, including the financial, government, healthcare, energy, and transportation industries. Given these sector-specific vulnerabilities, it becomes imperative to adopt robust mitigation strategies that can address the unique challenges posed by these sophisticated cyberattacks. The financial sector, including banks, insurance companies, and fintech, is highly vulnerable because attacks can disrupt operations, steal sensitive data, or manipulate trading systems. Fraud detection or risk assessment models can be deceived by adversarial attacks, leading to financial losses and reputational damage. The government sector is also vulnerable, especially critical infrastructure such as industrial control systems that manage power grids, water supplies, or transportation. Attacks on these systems can cause major disruptions to public services and endanger public safety. Additionally, public service systems such as healthcare, education, and taxation are vulnerable to attacks that can disrupt access to essential services and leak citizens’ data. The healthcare sector faces high risks with attacks that leak sensitive patient medical data, disrupt care, or even endanger lives. Adversarial attacks can manipulate diagnoses or treatment plans generated by AI models. Networked medical devices, such as infusion pumps or pacemakers, are also vulnerable to attacks that could harm patients. The energy sector is vulnerable to attacks that can disrupt power grids and cause widespread outages, disrupting economic activities. Oil and gas refineries are also at risk because attacks can disrupt energy production and distribution, leading to shortages and price increases. The transportation sector, including air traffic control systems and autonomous vehicles, is also highly at risk. Attacks can disrupt flights, endanger passenger safety, and cause economic losses. Adversarial attacks can deceive sensors or control systems in autonomous vehicles, leading to accidents.

The vulnerabilities of these sectors are due to their reliance on technology, the storage of sensitive data, and the potential wide-ranging impact of operational disruptions. Strong protection and appropriate mitigation measures are essential to reduce the risk of increasingly sophisticated cyberattacks.

Vulnerabilities and Challenges in Indonesia and Developing Countries

Several factors increase vulnerabilities in Indonesia and other developing countries. First, the reliance on technology is increasing, with many sectors relying on technology, including AI, for their operations. Second, a lack of awareness and knowledge about the risks of offensive and adversarial attacks makes many organizations and individuals unprepared to face these threats. Third, limited human and financial resources for cybersecurity exacerbate these vulnerabilities.

Personal Stories

Imagine Sarah, a young entrepreneur in Jakarta, who poured her life savings into her online clothing boutique. One morning, she woke up to find her website defaced, her customer data stolen, and her business in ruins. This wasn’t just a cyberattack; it was a personal assault on her dreams. Sarah’s story is not unique. Thousands of small businesses in Indonesia and across the developing world face similar threats every day, often lacking the resources or knowledge to defend themselves.

The challenges faced by Indonesia are also common in other developing countries. Developing countries increasingly rely on technology to drive economic growth and improve public services. However, awareness of cybersecurity risks remains low, making organizations and individuals more vulnerable. Limited human and financial resources also make it difficult for developing countries to invest in cybersecurity. Additionally, less developed and more vulnerable technological infrastructure, as well as immature or inadequate legal and regulatory frameworks related to cybersecurity, further exacerbate the situation.

Comparative Analysis

The vulnerabilities and challenges in developing countries differ from those in developed countries for several key reasons. First, developed countries usually have more advanced and protected technological infrastructure, reducing the risk of cyberattacks. Second, developed countries have larger human and financial resources to invest in cybersecurity, allowing them to develop and implement more effective security solutions. Third, awareness and knowledge of cybersecurity in developed countries are generally higher, making organizations and individuals better prepared to face threats. Finally, the legal and regulatory frameworks in developed countries are usually more mature and integrated, providing better protection against cyberattacks.

Thus, developing countries face more complex and layered challenges in improving their cybersecurity. The combination of technological reliance, lack of awareness, limited resources, vulnerable infrastructure, and immature regulations makes them more vulnerable to increasingly sophisticated cyberattacks, unlike the conditions faced by developed countries.

Mitigation Strategies

To reduce the risk of offensive and adversarial attacks, organizations and governments in Indonesia and other developing countries can take several proactive steps. First, increase awareness by educating employees and users about the risks of attacks and how to identify them. Second, implement best cybersecurity practices by using the latest security software, regularly updating systems, and enforcing strong authentication. Third, conduct regular security testing, including penetration testing and adversarial testing, to identify and fix vulnerabilities. Fourth, collaborate by sharing information about threats and vulnerabilities with other organizations and the government.

Leveraging Emerging Technologies for Cybersecurity

The adoption of AI provides powerful tools to combat these threats. Generative AI (Gen AI) offers innovative solutions for enhancing cybersecurity measures. It can analyze vast amounts of data in real-time to detect anomalies and potential threats that traditional systems might miss. It can automate responses to detected threats, reducing the time between detection and action. It can help organizations understand the tactics, techniques, and procedures (TTPs) used by cybercriminals. It can forecast potential security breaches by analyzing trends and historical data. It can assist in generating secure code by identifying and correcting vulnerabilities during the development process. It can analyze emails and other communication for signs of phishing attempts, flagging suspicious messages before they reach users. It can detect deviations from normal activity that may indicate compromised accounts or insider threats.

Managing AI Risks

The adoption of AI also introduces several new cybersecurity risks, including adversarial attacks, data poisoning, model theft, algorithmic bias, privacy concerns, lack of transparency, and over-reliance on AI. Therefore, managing cybersecurity with AI requires a multifaceted approach that includes strong governance, validation and monitoring, automation, access control, regular audits and updates, high availability and disaster recovery, and continuous protection.

These measures are important not only for companies and organizations but also for governments in Indonesia and other developing countries to ensure that the digital infrastructure of the nation is protected from increasingly sophisticated threats. A mindset shift is also necessary, recognizing that cybersecurity is no longer just a “nice to have,” but a logical consequence that must be invested in when organizations go digital and adopt AI. Without adequate investment in cybersecurity, the risks faced can have serious impacts on operational and national security.

By adopting these strategies, developing countries can strengthen their cyber resilience and reduce the risk of attacks that can disrupt operations, the economy, and the security of society at large. Cybersecurity must become a top priority and integral part of every digital initiative to ensure that the benefits of technology can be realized without compromising security and stability.

Importance of International Cooperation

Addressing the increasingly complex cybersecurity challenges in the era of artificial intelligence (AI) requires solid international collaboration. Developed countries can play a crucial role by sharing knowledge, technology, and resources to strengthen the cyber defences of developing countries, which are more vulnerable to attacks. International organizations like the United Nations also have a crucial role in formulating global cybersecurity standards and best practices.

Recent Initiatives

The United Nations initiative through the High-Level Advisory Body on Artificial Intelligence demonstrates a strong commitment to improving AI governance, promoting the use of AI for good, and mitigating AI-related risks. Additionally, the AI Safety Summit initiated by UK Prime Minister Rishi Sunak in London in 2023, followed by the AI Seoul Summit in 2024, has resulted in significant steps towards responsible AI development and use.

The outcomes of the AI Seoul Summit, such as the launch of an international network of AI safety institutions, the announcement of the Manchester Prize finalists, and the joint statement on international collaboration, show a global commitment to addressing AI risks and challenges. In-depth discussions on key issues like bias, privacy, transparency, and accountability, along with commitments to continue dialogue and collaboration, strengthen efforts to ensure safe, ethical, and beneficial AI development and use for all humanity.

Going forward, the global cybersecurity agenda must prioritize assistance for developing countries vulnerable to cyberattacks. Developed countries and international organizations need to work together to strengthen cybersecurity infrastructure, raise awareness of cyber threats, and build local capacity to respond to cyberattacks. With strong collaboration and shared commitment, we can create a safer and more inclusive digital environment for everyone.

Call to Action

To effectively combat the growing cyber threats, we must act now. Here are specific actions to take. Governments must allocate significant resources to develop and maintain robust cybersecurity infrastructure. To enact and enforce comprehensive cybersecurity regulations that address both offensive and adversarial AI threats. To actively participate in international cybersecurity initiatives, sharing threat intelligence and best practices with other nations. To launch nationwide cybersecurity awareness campaigns to educate citizens and businesses about the risks and preventive measures. Organizations or Enterprises must make cybersecurity an integral part of your business strategy, not just an afterthought. To adopt and rigorously implement industry-standard cybersecurity frameworks and best practices. To keep all software, systems, and security protocols up to date to patch vulnerabilities and address emerging threats. To conduct regular security assessments, including penetration testing and adversarial testing, to identify and rectify weaknesses. To provide comprehensive cybersecurity training to all employees to raise awareness and equip them to identify and respond to threats. Individuals To keep abreast of the latest cybersecurity threats and trends through reliable sources. To follow best practices for password management, email security, and safe browsing habits. If you encounter any suspicious online activity, report it to the relevant authorities or your organization’s security team. To Exercise caution when clicking on links or downloading attachments, especially from unknown sources. International Community To provide financial and technical assistance to developing countries to strengthen their cybersecurity capabilities. To develop and promote international cybersecurity standards and best practices to ensure a unified approach to threat mitigation. To encourage collaboration and information sharing between countries to address the global nature of cyber threats. By taking these concerted actions, we can create a safer and more resilient digital ecosystem for everyone. The time to act is now. Let us join forces to safeguard our digital future.

Conclusion

Developing countries, including Indonesia, face significant challenges in dealing with offensive and adversarial AI attacks. However, with the implementation of appropriate mitigation measures, increased cybersecurity awareness, and robust international cooperation, they can significantly strengthen their cyber defences and mitigate the risks of damaging attacks. The rapid adoption of generative AI necessitates special attention to ensure that emerging threats are effectively managed. By acting now and fostering a collaborative global effort, we can build a safer and more resilient digital future for everyone.

*Raditio Ghifiardi is an acclaimed IT and cybersecurity professional and future transformative leader in AI/ML strategy. Expert in IT security, speaker at global and international conferences, and driver of innovation and compliance in the telecom and banking sectors. Renowned for advancing industry standards and implementing cutting-edge security solutions and frameworks.

Tuhu Nugraha
Tuhu Nugraha
Digital Business & Metaverse Expert Principal of Indonesia Applied Economy & Regulatory Network (IADERN)