Legal Protection Of Cybercrime Crimes From Ransomware Attacks And Evaluation Of The Cyber Security And Resilience Bill 2025 In Indonesia'S Defense

Seri Mughni Sulubara, Virdyra Tasril, Nurkhalisah Nurkhalisah

Abstract


The legal safeguarding against ransomware cybercrime is found in multiple regulations. Indonesia possesses various legal frameworks to combat cybercrime, such as the Electronic Information and Transaction Law (UU ITE), the Personal Data Protection Law (UU PDP), and the Criminal Code (KUHP). Ransomware is a type of harmful software. Ransomware locks a user’s data within a computer network, preventing an individual or business from accessing their information. Hackers subsequently extort the victim for a ransom to allow the data owner to regain access to the data. Usually, the payment of the ransom is conducted through cryptocurrency to ensure it remains untraceable. The research methodology, or a means to reach the objectives outlined in the study, employs a qualitative descriptive approach grounded in juridical or normative legal research. This method aims to assess how well the 2025 cyber security and resilience bill can enhance Indonesia's digital defense. The ITE law establishes a legal framework for prosecuting cyber offenders, including ransomware, but it lacks detailed regulations regarding the terminology and methods of ransomware. This creates difficulties in law enforcement, particularly in demonstrating criminal aspects and gathering electronic evidence. Law number 27 of 2022 regarding personal data protection (PDP LAW) establishes a robust legal structure to safeguard personal data from abuse, particularly in relation to ransomware offenses that frequently involve data theft and manipulation. Article 368 of the criminal code concerning conventional extortion can be utilized in ransomware situations, despite not explicitly addressing the digital format. Article 368 of the criminal code addresses the crime of conventional extortion applicable to ransomware incidents, even if it doesn't specifically cover the digital format. The cybersecurity and resilience bill of 2025 aims to enhance Indonesia's cyber defense, emphasizing the protection of cyberspace and the national digital ecosystem. In this regard, the cybersecurity and resilience bill (RUU KKS) 2025 represents a vital measure for the government to bolster national cyber defense. This legislation is intended to outline the responsibilities of various parties in ensuring cybersecurity, set incident reporting requirements, and impose severe penalties for breaches, including prison terms of up to 20 years and fines reaching Rp20 billion.

Keywords


Legal Protection, Cybercrime Crimes, Ransomware Attacks, Cyber Security, Resilience Bill 2025 In Indonesia's Defense

Full Text:

PDF

References


A Yassa, H., N Zakaria, R., & Z Abdellah, N. (2023). COVID-19 Pandemic Fuels Rise in Cybercrime. Journal of Information Security and Cybercrimes Research, 6(1), 01–10. https://doi.org/10.26735/kuxw6317

Achuthan, K., Khobragade, S., & Kowalski, R. (2025). Cybercrime through the public lens: a longitudinal analysis. Humanities and Social Sciences Communications, 1–16. https://doi.org/10.1057/s41599-025-04459-x

Afraji, D. M. A. A., Lloret, J., & Peñalver, L. (2025). Deep learning-driven defense strategies for mitigating DDoS attacks in cloud computing environments. Cyber Security and Applications, 3(September 2024), 100085. https://doi.org/10.1016/j.csa.2025.100085

Alzakari, S. A., Aljebreen, M., Ahmad, N., Alhashmi, A. A., Alahmari, S., Alrusaini, O., Al-Sharafi, A. M., & Almukadi, W. S. (2025). An intelligent ransomware based cyberthreat detection model using multi head attention-based recurrent neural networks with optimization algorithm in IoT environment. Scientific Reports, 15(1), 1–21. https://doi.org/10.1038/s41598-025-92711-4

Arroyabe, M. F., Arranz, C. F. A., De Arroyabe, I. F., & de Arroyabe, J. C. F. (2024). Revealing the realities of cybercrime in small and medium enterprises: Understanding fear and taxonomic perspectives. Computers and Security, 141(February), 103826. https://doi.org/10.1016/j.cose.2024.103826

Bhunia, S., Blackert, M., Deal, H., DePero, A., & Patra, A. (2025). Analyzing the 2021 Kaseya Ransomware Attack: Combined Spearphishing Through SonicWall SSLVPN Vulnerability. IET Information Security, 2025(1). https://doi.org/10.1049/ise2/1655307

Botchkovar, E., Cui, K., Antonaccio, O., Perkins, R., & Maimon, D. (2025). Technology in Society The organized activities of ransomware groups : A social network approach. Technology in Society, 82(February), 102873. https://doi.org/10.1016/j.techsoc.2025.102873

Chimmanee, K., & Jantavongso, S. (2024). Digital forensic of Maze ransomware: A case of electricity distributor enterprise in ASEAN. Expert Systems with Applications, 249(PB), 123652. https://doi.org/10.1016/j.eswa.2024.123652

Dib, O., Nan, Z., & Liu, J. (2024). Machine learning-based ransomware classification of Bitcoin transactions. Journal of King Saud University - Computer and Information Sciences, 36(1), 101925. https://doi.org/10.1016/j.jksuci.2024.101925

Djenna, A., Belaoued, M., Lifa, N., & Moualdi, D. E. (2024). PARCA: Proactive Anti-Ransomware Cybersecurity Approach. Procedia Computer Science, 238, 821–826. https://doi.org/10.1016/j.procs.2024.06.098

Ferretti, G. (2025). A World Shaped by Computer Technologies: For a Hermeneutic Analysis of Computer Protocols. Digital Studies/ Le Champ Numerique, 15(1), 1–22. https://doi.org/10.16995/dscn.11066

Gaber, M., Ahmed, M., & Janicke, H. (2024). Zero Day Ransomware Detection with Pulse: Function Classification with Transformer Models and Assembly Language. Computers & Security, 148(August 2024), 104167. https://doi.org/10.1016/j.cose.2024.104167

Grimberg, F., Asprion, P. M., Schneider, B., Miho, E., Babrak, L., & Habbabeh, A. (2021). The Real-World Data Challenges Radar: A Review on the Challenges and Risks regarding the Use of Real-World Data. Digital Biomarkers, 5(2), 148–157. https://doi.org/10.1159/000516178

Gruber, J., Voigt, L. L., Benenson, Z., & Freiling, F. C. (2022). Foundations of cybercriminalistics: From general process models to case-specific concretizations in cybercrime investigations. Forensic Science International: Digital Investigation, 43, 301438. https://doi.org/10.1016/j.fsidi.2022.301438

Hossain, M. A., Hasan, T., Ahmed, F., Cheragee, S. H., Kanchan, M. H., & Haque, M. A. (2025). Towards superior android ransomware detection: An ensemble machine learning perspective. Cyber Security and Applications, 3(July 2024), 100076. https://doi.org/10.1016/j.csa.2024.100076

Hussain, A., Saadia, A., Alhussein, M., Gul, A., & Aurangzeb, K. (2024). Enhancing ransomware defense: deep learning-based detection and family-wise classification of evolving threats. PeerJ Computer Science, 10, 1–44. https://doi.org/10.7717/peerj-cs.2546

Kim, K., Lee, S., Ramachandran, S., & Alzahrani, I. (2025). Cryptocurrency-driven ransomware syndicates operating on the darknet : A focused examination of the Arab world. Egyptian Informatics Journal, 30(January), 100665. https://doi.org/10.1016/j.eij.2025.100665

Kwon, D., Borrion, H., & Wortley, R. (2024). Measuring Cybercrime in Calls for Police Service. Asian Journal of Criminology, 19(3), 329–351. https://doi.org/10.1007/s11417-024-09432-2.

Law No. 3 of 2002 on State Defense.

Law Number 27 of 2022 on the Protection of Personal Data (UU PDP), and Law No. 3 of 2002 on State Defense.

Law Number: 1 Year 2024 on the Second Amendment to Law Number: 11 Year 2008 on Electronic Information and Transactions.

Luuk, B., (Maria) Susanne, V. H. de G., Ellen, M. ter H., Ynze, V. H., Remco, S., & Eric Rutger, L. (2023). Protecting your business against ransomware attacks? Explaining the motivations of entrepreneurs to take future protective measures against cybercrimes using an extended protection motivation theory model. Computers and Security, 127, 103099. https://doi.org/10.1016/j.cose.2023.103099

Makhortykh, M., Sydorova, M., Baghumyan, A., Vziatysheva, V., & Kuznetsova, E. (2024). Stochastic lies: How LLM-powered chatbots deal with Russian disinformation about the war in Ukraine. Harvard Kennedy School Misinformation Review, 5(4), 1–21. https://doi.org/10.37016/mr-2020-154

Mughni, S., & Prayetno, B. E. (2023). Cakrawala : Jurnal Pengabdian Masyarakat Global Mengetahui Aturan Hukum dengan Menghafal Naskah Pembukaan UUD 1945 dan Pasal- Pasal UUD 1945 Secara Tekstual dan Mengetahui Makna yang Tekandung di Dalamnya Bagi Siswa-Siswi IPA-IPS SMA Negeri 7 Takengon Kno. Cakrawala: Jurnal Pengabdian Masyarakat Global, 2(4). https://doi.org/https://doi.org/10.30640/cakrawala.v2i4.1758

Oh, D. Bin, Kim, D., & Kim, H. K. (2024). volGPT: Evaluation on triaging ransomware process in memory forensics with Large Language Model. Forensic Science International: Digital Investigation, 49(S), 301756. https://doi.org/10.1016/j.fsidi.2024.301756

Onwuadiamu, G. (2025a). Cybercrime in criminology; A systematic review of criminological theories, methods, and concepts. Journal of Economic Criminology, 8(February), 100136. https://doi.org/10.1016/j.jeconc.2025.100136

Onwuadiamu, G. (2025b). Cybercrime in criminology; A systematic review of criminological theories, methods, and concepts. Journal of Economic Criminology, 8(December 2024), 100136. https://doi.org/10.1016/j.jeconc.2025.100136

Rahmath Nisha, S., & Muthurajkumar, S. (2023). Semantic Graph Based Convolutional Neural Network for Spam e-mail Classification in Cybercrime Applications. International Journal of Computers, Communications and Control, 18(1), 1–12. https://doi.org/10.15837/ijccc.2023.1.4478

Soekanto, S. (2019). Penelitian Hukum Normatif. Hukum, 1(1), 4.

Sudjito, B., Majid, A., Sulistio, F., & Ruslijanto, P. A. (2016). Tindak Pidana Pornografi dalam Era Siber di Indonesia. Wacana, Jurnal Sosial Dan Humaniora, 19(02), 66–72. https://doi.org/10.21776/ub.wacana.2016.019.02.1

Sulubara, S. M. (2021). Pemahaman Constitusional System of Indonesia (UUD) 1945 Understanding. Sejahtera: Jurnal Inspirasi Mengabdi Untuk Negeri, 48(2), 39–62. https://doi.org/https://doi.org/10.58192/sejahtera.v3i3.2356

Sulubara, S. M. (2023). Gen Z Wajib Tau! Edukasi dan Penguatan Pasal-Pasal UUD 1945 bagi Generasi Z (Pasca Milenal) bagi Siswa-Siswi SMA Negeri 4 Takengon. Karunia: Jurnal Hasil Pengabdian Masyarakat Indonesia, 01(4), 1–23. https://doi.org/https://doi.org/10.58192/karunia.v2i4.1552

Sulubara, S. M. (2024a). Menyajikan Berbagai Insiden Cybercrime yang Terjadi di Indonesia , Termasuk Pencurian Data dan Peretasan Situs Web Pemerintah. Konsensus: Jurnal Ilmu Politik Dan Komunikasi, 1(6), 199–206. https://doi.org/https://doi.org/10.62383/konsensus.v1i6.692

Sulubara, S. M. (2024b). Perlindungan Data Pribadi dalam Kasus Ransomware : Apa Kata Hukum ? Eksekusi: Jurnal Ilmu Hukum Dan Administrasi Negara, 2(4), 426–434. https://doi.org/DOI: https://doi.org/10.55606/eksekusi.v2i4.1823

Sumarna, D., & Kadriah, A. (2023). Penelitian Kualitatif Terhadap Hukum Empiris. Jurnal Penelitian Serambi Hukum, 16(02), 101–113. https://doi.org/10.59582/sh.v16i02.730

Tariq, U. (2024). Combatting ransomware in ZephyrOS-activated industrial IoT environments. Heliyon, 10(9), e29917. https://doi.org/10.1016/j.heliyon.2024.e29917

Tubaishat, A., & Alaleeli, H. (2024). A Framework to Prevent Cybercrime in the UAE. Procedia Computer Science, 238, 558–565. https://doi.org/10.1016/j.procs.2024.06.060

Unson, I., & Zhuang, J. (2025). Resource allocation in multi-layer, continuous defense, security games versus strategic attackers. Risk Sciences, 1(December 2024), 100010. https://doi.org/10.1016/j.risk.2024.100010

Wissink, I. B., Standaert, J. C. A., Stams, G. J. J. M., Asscher, J. J., & Assink, M. (2023). Risk factors for juvenile cybercrime: A meta-analytic review. Aggression and Violent Behavior, 70(March), 101836. https://doi.org/10.1016/j.avb.2023.101836

Wright, D., & Kumar, R. (2023). Assessing the socio-economic impacts of cybercrime. Societal Impacts, 1(1–2), 100013. https://doi.org/10.1016/j.socimp.2023.100013

Zainuddin, M., & Karina, A. D. (2023). Penggunaan Metode Yuridis Normatif dalam Membuktikan Kebenaran pada Penelitian Hukum. Smart Law Journal, 2(2), 114–123. https://journal.unkaha.com/index.php/slj/article/view/26




DOI: https://doi.org/10.30596/dll.v10i2.25786

Refbacks

  • There are currently no refbacks.


Address:

Faculty of Law,  University of Muhammadiyah Sumatera Utara Jl. Kapten Mukhtar Basri No. 3 Medan, Kode Pos 20238

E-mail: delegalata@umsu.ac.id

Telp/HP/WA : 081262102097

DE LEGA LATA: Jurnal Ilmu Hukum is abstracting & indexing in the following databases: 

       

   Creative Commons License

De Lega Lata: Jurnal Ilmu Hukum is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Statcounter