Yogyakarta, 18th April 2019 – The day after the voting process of Indonesian Election 2019 has been done, Center for Digital Society (CfDS) presented any forms of cybersecurity threats that had already occurred in the election process, while projecting several threats that could potentially disrupt the post-election situation. The presentation also emphasized that behind the success of the Indonesian Election 2019, there were various types of cybersecurity threats that sought to disrupt the implementation of Indonesia’s democracy, and we should be aware of it together.
Election & Cyber Threats
Several examples of cyber attack that happened in the pre-period of Indonesian Election 2019 can be realized in the form of hoax dissemination that seeks to prevent the public from voting, such as the dissemination of the wrong election date or the dissemination of unethical personal information from political candidates who has the potential to defame the candidate's reputation. While the potential for cyber threats during the Post-Election Period can be realized in the form of data hacking and manipulation of voting mechanisms that are involving electronic data processing, such as quick counts.
Inside the electoral process, Scott Shackelford revealed that there were at least five areas that were vulnerable to cyber attacks, namely: 1) information received by voters ahead of the General Election, 2) list of election participants, 3) machines that are used for voting, 4) recapitulation mechanism to determine election’s winners, 5) dissemination system used to disseminate news related to election results. In Indonesia itself, the initial traces of the cyber attack happened when the KPU’s official website was hacked in 2004 by a young man under the pseudonym Xnuxer. Not only in Indonesia, the electoral process that occurs in other countries such as Taiwan, France, the United States, and Brazil also does not escape the threat of cyber attacks. Out of all form of cyber attacks, the threat was dominated by hoax.
Mastel noted that 92.4% of the hoax was distributed through social media, while 62.8% through instant messaging applications, 34.9% through websites, 8.7% by television, 5% using print media, and 3.1% via email. The dissemination process of hoax through social media utilizes cognitive bias in human psychology. Humans have limited processing information, so they tend to choose sources of information that are easy to be consumed. This tendency then causes a group of people to be trapped in their own beliefs and imagination.
Hoax & Cyber Security
Based on data compiled by the Indonesian Ministry of Communication and Information, there are 1,224 hoaxes that were related to political issues (identified from August 2018 to March 2019). The presence of hoax as a cyber threat also means that cyber threats in the digital era are not only technical matters but also human and information matter.
In line with this concept, CfDS also describes 3 main keys in tackling the threats of cyber attacks: 1) people who have digital literacy, 2) adaptive regulations and effective coping mechanisms toward cyber attacks, and 3) technology that is capable of protecting cyberspace. Measures to overcome cybersecurity must be carried out with a collaborative and progressive approach. The private sector, society, and government are key actors in guarding our strongholds against cyber attacks.
CfDS (Center for Digital Society) UGM is a multi-disciplinary research center that is established under the Faculty of Social & Political Sciences University of Gadjah Mada. This research center is built upon the concern over the contemporary dynamics of socio-political condition of the world that is accentuated by the impeccable influence of information technology. The phenomenon triggers the new patterns and complexities in the society, and thus requires new approaches in managing such complexities. Our research and other activities are based on spirits that is aligned with our motto, productive, innovative, & influential.