Being the Main Target of Cyber Attacks, Here's How Banks Maintain Digital Security

In the research "Cybersecurity Economics for Emerging Markets" released by the World Bank in 2024, it shows that cyber attacks globally are dominated by financial motives.

Benedictus Krisna Yogatama Muhammad Arfan Tarigan
4 Minutes
By: Benediktus Krisna Yogatama, Muhammad Arfan Tarigan
Being the Main Target of Cyber Attacks, Here's How Banks Maintain Digital Security
Prima Talkshow Media Gathering Event, Jakarta (27/8/2025). Photo: Arfan SUAR.

Cybersecurity Economics for Emerging Markets research released by the World Bank in 2024 shows that cyberattacks globally are dominated by financial motives. A total of 73.9% of publicly disclosed cyberattack incidents between 2014 and 2023 were due to financial motives - far surpassing other motives such as politics or espionage.

In developing countries, cases of data exploitation with financial motives reached 41.1%. So, what are the modes of cyber attacks that occur in Indonesia and how to overcome them?

Digital transformation has brought convenience, but also great challenges in the form of increasingly sophisticated cyber attacks. According to Bank Central Asia (BCA) Vice President Sugianto Wono, at the Prima Talkshow Media Gathering, Jakarta, (27/8/2025), BCA realizes that no matter how sophisticated security technology is, it will never be enough without public awareness and cross-sector collaboration.

He explained that the forms of cyber attacks include theft of personal data, ransomware attacks, and various modes of fraud that are increasingly diverse.

Cyber attackers, he continued, continue to innovate and even have communities to share strategies. One mode that is now rampant is the use of fake base transceiver station (BTS) transmitters .

One mode of cyber attack that is now rampant is the use of fake base transceiver station (BTS) transmitters .

"They install fake BTS devices that have the range to access cell phones, especially 2G networks, so that the victim's cell phone is automatically connected to it. Through that signal, they can send fraudulent SMS that look very similar to messages from banks," he explains.

Sugianto emphasized that cybercriminals take advantage of loopholes in telecommunications, but financial institutions are often to blame. Therefore, according to him, education is very important so that people are not easily fooled.

Like BCA, OCBC Bank also places customer security as a top priority. According to Rudy Hamdani, Assisted Channel & Services Division Head of OCBC Indonesia, customer security is OCBC's main concern in running its banking services.

OCBC, according to Rudy, is committed to ensuring the security of systems and operational services used by banks, so as to provide excellent banking services to customers.

According to Rudy, OCBC also continues to improve governance and internal controls related to cybersecurity risk management. "The bank continuously strengthens IT governance to improve operational resilience and cybersecurity," he told SUAR (11/8/2025).

In addition to strengthening internal systems, Rudy also emphasized the importance of customer participation in financial crime prevention. According to him, customer awareness is the key to fighting digital fraud modes.

In addition to strengthening internal systems, Rudy also emphasized the importance of customer participation in financial crime prevention.

"OCBC regularly conducts educational campaigns to increase customer awareness of digital crime modes such as phishing, social engineering, and online-based fraud," said Rudy.

He also urged customers to always be vigilant to protect personal information and personal data. If there is suspicious activity in digital banking services, customers should report immediately.

Personal data protection 

In response to the implementation of the Personal Data Protection Law (UU PDP) in Indonesia, Sugianto Wono emphasized that BCA strongly supports this regulation. The PDP Law provides a strong legal foundation to protect the rights of data subjects and build corporate reputation.

"The PDP Law is good for protecting our data. At BCA, we have implemented it as part of our commitment to keep our customers' personal data safe," he said.

As part of its commitment, the Djarum Group-owned bank has appointed a data protection officer (DPO) to provide input, monitor implementation, and ensure all company policies are in line with the PDP Law. This step is also part of BCA's efforts to ensure that customer data is processed as needed and not misused.

Sugianto also shared some practical tips for the public to avoid becoming a victim of cyber attacks:

  1. Avoid Public Wifi: Avoid conducting financial transactions or accessing confidential data while connected to a public wi-fi network.
  2. Use Strong and Unique Passwords: Create passwords of at least 14 characters that are difficult to guess, and don't use the same password for multiple accounts.
  3. Beware of Phishing: Always be suspicious of e-mails or SMS asking for personal data, and never click on links or download apps from unknown sources.

Holistic challenges and solutions

Chairman of the Indonesia Cybersecurity Forum (ICSF) Ardi Sutedja highlighted the increasing complexity of cyberattacks in the financial sector. He said that at present, even sophisticated technology is powerless to deal with increasingly complicated attacks, especially with the entry of AI (artificial intelligence).

"The technological devices that are now believed to be able to [overcome], have proven to be powerless," Ardi told SUAR (28/8/2025).

In addition, Ardi said, many financial companies such as banks are not prepared to face a post-cyber incident crisis. In fact, each incident is very expensive, both in terms of financial losses and reputation. "When an incident occurs, we are confused about what to do, which leads to panic and speculation," he said.

Furthermore, Ardi explained that the solution to this problem lies not only in technology, but also in three main pillars.

First, competent human resources (HR). Indonesia, he said, still lacks experienced cybersecurity experts. "There are quite a lot of engineers who understand cybersecurity. But those with experience are very limited," he explained. 

Second, the implementation of strong governance, risk and compliance. According to him, an organization must have clear governance, adequate protocols, and the discipline to adhere to them as fundamental keys.

Finally, Ardi emphasized the importance of building a risk-aware organizational culture. This includes three aspects: organizational culture, digital culture, and the risk culture itself. Without this awareness, a company will find it difficult to recognize potential dangers lurking. 

In addition, leadership also plays a crucial role. "A leader must be able to see the problem from the highest point of view, from the helicopter view," he concluded.

He emphasized that if a leader is unable to see the problem as a whole and anticipate risks, then managing the company, especially regarding cybersecurity, will be very difficult.

What about the role of regulators? Dian Ediana Rae, Chief Executive of Banking Supervision at the Financial Services Authority (OJK), stated that OJK always encourages the acceleration of banking digitalization to improve the competitiveness of the Indonesian banking industry.

Banking digitalization must also be carried out while still prioritizing the precautionary principle, especially in the aspect of cyber security.

To improve the quality of banks' cybersecurity systems, OJK has also asked banks to again improve and strengthen cyber incident detection capabilities by conducting round-the-clock monitoring of financial transaction anomalies.

Banking Finance News

Author

Benedictus Krisna Yogatama
Benedictus Krisna Yogatama
Muhammad Arfan Tarigan
Muhammad Arfan Tarigan

Read more

Money Supply Higher Thanks to 7.9% Credit Growth
Banking

Money Supply Higher Thanks to 7.9% Credit Growth

The amount of money in circulation in a broad sense (M2) and bank credit both grew. Both influence each other. This will have a positive effect on economic growth.

4 Minutes
By: Benedictus Krisna Yogatama, Chris Wibisana
Banking Outlook 2026: Credit to Grow Higher, Supported by Interest Rate Decline Trend
featured
Outlook for 2026

Banking Outlook 2026: Credit to Grow Higher, Supported by Interest Rate Decline Trend

Credit distribution is expected to continue growing, supported by the trend of declining global interest rates.

6 Minutes
By: Benedictus Krisna Yogatama, Chris Wibisana
Notes from the Indonesian Banking World Throughout 2025
Kaleidoscope 2025

Notes from the Indonesian Banking World Throughout 2025

Summary of important and influential events in the banking industry during 2025.

8 Minutes
By: Benedictus Krisna Yogatama, Chris Wibisana
Government Provides Three-Year Loan Relief for Disaster Victims in Sumatra
Natural Disasters

Government Provides Three-Year Loan Relief for Disaster Victims in Sumatra

The government will provide relaxation of small business credit (KUR) distribution to three provinces affected by flooding in Sumatra within three years. Currently, the areas affected by the disaster are Aceh, North Sumatra, and West Sumatra.

5 Minutes
By: Benedictus Krisna Yogatama, Ridho Sukra