Cyber Security in Indonesian Higher Education Institutions: Lessons Learned from Recent Cyber Attacks

Jonathan Nahum Marpaung

doi:10.30645/jurasik.v10i1.876

Cyber Security in Indonesian Higher Education Institutions: Lessons Learned from Recent Cyber Attacks

Jonathan Nahum Marpaung^(1*),

(1) Universitas Indonesia, Indonesia
(*) Corresponding Author

Abstract

Cyber security is paramount to the sustainability of higher education institutions as more institutions move their information system to the cloud and allow stakeholders to access their information technology services from on-campus WIFI and mobile devices. This study aims to understand Indonesian higher education's current cyber security landscape by analyzing recent cyber-attacks that hit all sectors, notably higher education. Recent news articles and government reports related to cyber-security were analyzed using document analysis. This study found that data theft attacks were the number one cyber threat that higher education institutions faced, followed by attacks on institutional websites, social media pages, and personal mobile devices. This study found that the nature of recent cyber-attacks was consistent with the assessment posed by previous literature that stakeholders’ recent level of ability in cyber-security is not where it is supposed to be. The potential impact of future cyber-attacks on institutions and stakeholders is significant, underscoring the importance of this new understanding, which can help institutions prepare their stakeholders better to mitigate such threats.

Full Text:

PDF

References

D. Ghifari, “I think Indonesia’s cybersecurity is run by 14-year olds’: Hackers,” Asian News, 2022. Accessed: Jan. 07, 2025. [Online]. Available: https://asianews.network/i-think-indonesias-cybersecurity-is-run-by-14-year-olds-hackers/

CNN Indonesia, “Data Pedulilindungi Tak Dienkripsi? Pakar Sindir Beda UCAP Dan Fakta,” CNN, 2022. Accessed: Jan. 07, 2025. [Online]. Available: https://www.cnnindonesia.com/teknologi/20221116133010-192-874507/data-pedulilindungi-tak-dienkripsi-pakar-sindir-beda-ucap-dan-fakta

K. H., F. M., M. R., and H. Fajraoui, “Cloud Computing Security Challenges in Higher Educational Institutions - A Survey,” Int. J. Comput. Appl., vol. 161, no. 6, pp. 22–29, Mar. 2017, doi: 10.5120/ijca2017913217.

Insetyonoto, “Gawat, data 125.000 Mahasiswa Undip Bobol!,” Gatra, 2021. Accessed: Jan. 07, 2025. [Online]. Available: https://www.gatra.com/news-500217-hukum-gawat-data-125000-mahasiswa-undip-bobol.html

International Telecommunication Union, “International Telecommunication Union, ITU-T Rec. X.1205, Overview of cybersecurity,” 2008. Accessed: Jan. 07, 2025. [Online]. Available: https://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-X.1205-200804-I!!PDF-E&type=items

L. Muniandy, B. Muniandy, and Z. Samsudin, “Cyber Security Behaviour among Higher Education Students in Malaysia,” J. Inf. Assur. Cybersecurity, pp. 1–13, Feb. 2017, doi: 10.5171/2017.800299.

A. Arina and A. Anatolie, “Cyber Security Threat Analysis In Higher Education Institutions As A Result Of Distance Learning,” Int. J. Sci. Technol. Res. , vol. 10, no. 3, pp. 128–133, Mar. 2021.

E. C. K. Cheng and T. Wang, “Institutional Strategies for Cybersecurity in Higher Education Institutions,” Information, vol. 13, no. 4, p. 192, Apr. 2022, doi: 10.3390/info13040192.

A.-C. Cojocariu, I. Verzea, and R. Chaib, “Aspects of Cyber-Security in Higher Education Institutions,” 2020, pp. 3–11. doi: 10.1007/978-3-030-44711-3_1.

M. J. Maranga and M. Nelson, “Emerging Issues in Cyber Security for Institutions of Higher Education,” Int. J. Comput. Sci. Netw., vol. 8, no. 4, pp. 371–379, Aug. 2019.

JOINT CHIEFS OF STAFF WASHINGTON DC, “Department of Defense Dictionary Of Military and Associated Terms,” Dec. 2010. doi: 10.21236/ADA536504.

A. Bendovschi, “Cyber-Attacks – Trends, Patterns and Security Countermeasures,” Procedia Econ. Financ., vol. 28, pp. 24–31, 2015, doi: 10.1016/S2212-5671(15)01077-1.

A. Alharthi, F. Yahya, R. J. Walters, and G. B. Wills, “An Overview of Cloud Services Adoption Challenges in Higher Education Institutions,” in Proceedings of the 2nd International Workshop on Emerging Software as a Service and Analytics, SCITEPRESS - Science and and Technology Publications, 2015, pp. 102–109. doi: 10.5220/0005529701020109.

N. Sultan, “Cloud computing for education: A new dawn?,” Int. J. Inf. Manage., vol. 30, no. 2, pp. 109–116, Apr. 2010, doi: 10.1016/j.ijinfomgt.2009.09.004.

V. H. Pardeshi, “Cloud Computing for Higher Education Institutes: Architecture, Strategy and Recommendations for Effective Adaptation,” Procedia Econ. Financ., vol. 11, pp. 589–599, 2014, doi: 10.1016/S2212-5671(14)00224-X.

Y. A. M. Qasem, R. Abdullah, Y. Y. Jusoh, R. Atan, and S. Asadi, “Cloud Computing Adoption in Higher Education Institutions: A Systematic Review,” IEEE Access, vol. 7, pp. 63722–63744, 2019, doi: 10.1109/ACCESS.2019.2916234.

S. Carlin and K. Curran, “Cloud Computing Security,” in Pervasive and Ubiquitous Technology Innovations for Ambient Intelligence Environments, IGI Global, pp. 12–17. doi: 10.4018/978-1-4666-2041-4.ch002.

B. Alouffi, M. Hasnain, A. Alharbi, W. Alosaimi, H. Alyami, and M. Ayaz, “A Systematic Literature Review on Cloud Computing Security: Threats and Mitigation Strategies,” IEEE Access, vol. 9, pp. 57792–57807, 2021, doi: 10.1109/ACCESS.2021.3073203.

M. Almorsy, J. Grundy, and I. Müller, “An Analysis of the Cloud Computing Security Problem,” Sep. 2016.

R. Al Nafea and M. Amin Almaiah, “Cyber Security Threats in Cloud: Literature Review,” in 2021 International Conference on Information Technology (ICIT), IEEE, Jul. 2021, pp. 779–786. doi: 10.1109/ICIT52682.2021.9491638.

A. Garba, Maheyzah Binti Sirat, Siti Hajar, and Ibrahim Bukar Dauda, “Cyber Security Awareness Among University Students: A Case Study,” Sci. Proc. Ser., vol. 2, no. 1, pp. 82–86, Apr. 2020, doi: 10.31580/sps.v2i1.1320.

Microsoft, “Microsoft Digital Defense Report 2022,” 2022. Accessed: Jan. 07, 2025. [Online]. Available: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bUvv?culture=en-us&country=us

X. Liu et al., “Cyber security threats: A never-ending challenge for e-commerce,” Front. Psychol., vol. 13, Oct. 2022, doi: 10.3389/fpsyg.2022.927398.

J. Jang-Jaccard and S. Nepal, “A survey of emerging threats in cybersecurity,” J. Comput. Syst. Sci., vol. 80, no. 5, pp. 973–993, Aug. 2014, doi: 10.1016/j.jcss.2014.02.005.

J. Jeong, J. Mihelcic, G. Oliver, and C. Rudolph, “Towards an Improved Understanding of Human Factors in Cybersecurity,” in 2019 IEEE 5th International Conference on Collaboration and Internet Computing (CIC), IEEE, Dec. 2019, pp. 338–345. doi: 10.1109/CIC48465.2019.00047.

F. Khalid, M. Daud, M. Rahman, and M. Nasir, “An investigation of university students’ awareness on cyber security,” Int. J. Eng. Technol., vol. 7, no. 421, pp. 11–14, 2014.

L. Hadlington, “The ‘Human Factor’ in Cybersecurity,” in Research Anthology on Artificial Intelligence Applications in Security, IGI Global, 2020, pp. 1960–1977. doi: 10.4018/978-1-7998-7705-9.ch087.

M. Richardson, P. Lemoine, W. Stephens, and R. Weller, “Planning for Cyber Security in Schools: The Human Factor,” Educ. Plan., vol. 27, no. 2, pp. 23–39, 2020.

H. Snyder, “Literature review as a research methodology: An overview and guidelines,” J. Bus. Res., vol. 104, pp. 333–339, Nov. 2019, doi: 10.1016/j.jbusres.2019.07.039.

S. Shaw, J. Elston, and S. Abbott, “Comparative analysis of health policy implementation:,” Policy Stud., vol. 25, no. 4, pp. 259–266, Dec. 2004, doi: 10.1080/0144287042000288451.

W. Goddard and S. Melville, Research Methodology: An Introduction. Juta and Company, 2004.

G. A. Bowen, “Document Analysis as a Qualitative Research Method,” Qual. Res. J., vol. 9, no. 2, pp. 27–40, Aug. 2009, doi: 10.3316/QRJ0902027.

M. Bengtsson, “How to plan and perform a qualitative study using content analysis,” NursingPlus Open, vol. 2, pp. 8–14, 2016, doi: 10.1016/j.npls.2016.01.001.

R. Whittemore and K. Knafl, “The integrative review: updated methodology,” J. Adv. Nurs., vol. 52, no. 5, pp. 546–553, Dec. 2005, doi: 10.1111/j.1365-2648.2005.03621.x.

National CSIRT of Indonesia, “Lanskap Keamanan Siber Indonesia 2023,” 2023. Accessed: Jan. 07, 2025. [Online]. Available: https://csirt.kemenkeu.go.id/in/post/lanskap-keamanan-siber-indonesia-2023

Interpol, “ASEAN cyberthreat assessment 2020,” 2020. Accessed: Jan. 07, 2025. [Online]. Available: https://asean.org/wp-content/uploads/2021/01/ASEAN_CyberThreatAssessment_2020.pdf

DetikJateng, “Situs fib UGM diretas, hacker Tulis Pesan soal jual beli konten seks mahasiswa,” DetikJateng, 2022. Accessed: Jan. 07, 2025. [Online]. Available: https://www.detik.com/jateng/jogja/d-6365071/situs-fib-ugm-diretas-hacker-tulis-pesan-soal-jual-beli-konten-seks-mahasiswa

DOI: http://dx.doi.org/10.30645/jurasik.v10i1.876

DOI (PDF): http://dx.doi.org/10.30645/jurasik.v10i1.876.g851

Refbacks

There are currently no refbacks.

JURASIK (Jurnal Riset Sistem Informasi dan Teknik Informatika)
Print/Online ISSN 2527-5771/2549-7839
Organized by LPPM STIKOM Tunas Bangsa
Published by STIKOM Tunas Bangsa
W: https://tunasbangsa.ac.id/ejurnal/index.php/jurasik

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0

JURASIK (Jurnal Riset Sistem Informasi dan Teknik Informatika)
Published Papers Indexed/Abstracted By:

Jumlah Kunjungan : View My Stats

Username
Password
Remember me