Legal Protection Against Cybercrime from Ransomware Attacks and Evaluation of the 2025 Cyber Security and Resilience Bill in Indonesia's Defense
DOI:
https://doi.org/10.62383/aliansi.v2i5.1234Keywords:
Cybercrime, Evaluation, Indonesia's Defense, Legal Protection, Ransomware AttackAbstract
This research examines in-depth legal protection against cybercrime in Indonesia, with a specific focus on ransomware attacks. It also evaluates the 2025 Draft Cyber Security and Resilience Law (RUU KKS) as a measure to strengthen the national cyber defense system. The increase in ransomware cases targeting personal data, public institutions, and vital infrastructure has posed a serious threat to information security and national stability. Although the 2008 Electronic Information and Transactions Law (UU ITE) and the 2022 Personal Data Protection Law (UU PDP) serve as the legal basis, these two regulations do not yet specifically and comprehensively regulate ransomware. This results in challenges in law enforcement and victim protection, both in technical aspects, coordination, and human rights protection. The research method used is normative legal with a qualitative approach, which includes analysis of primary and secondary legal materials, as well as comparisons with regulations in several countries that have more mature ransomware handling mechanisms. The analysis of the 2025 Cyber Security Bill (RUU KKS) indicates that this draft regulation has the potential to strengthen the authority of cyber authorities, mandate reporting of cyber incidents, and impose stricter sanctions on perpetrators. However, implementing this policy requires effective cross-agency coordination, transparent oversight, and synergy between the public and private sectors. This study concludes that the 2025 Cyber Security Bill (RUU KKS) represents a strategic step in building a national cybersecurity system that is adaptive, integrated, and responsive to evolving cyber threats. However, its success will depend heavily on improving public digital security literacy, multi-sectoral collaboration, investment in detection and prevention technology, and guaranteeing human rights protection. These findings are expected to provide input for policymakers in formulating comprehensive and sustainable cybersecurity regulations as a bulwark of national defense in the digital era.
Downloads
References
Journals/Proceedings :
Achuthan, K., Khobragade, S., & Kowalski, R. (2025). Cybercrime through the public lens: A longitudinal analysis. Humanities and Social Sciences Communications, 1–16. https://doi.org/10.1057/s41599-025-04459-x
Afraji, D. M. A. A., Lloret, J., & Peñalver, L. (2025). Deep learning-driven defense strategies for mitigating DDoS attacks in cloud computing environments. Cyber Security and Applications, 3(September 2024), 100085. https://doi.org/10.1016/j.csa.2025.100085
Almotiri, S. H. (2025). AI driven IoMT security framework for advanced malware and ransomware detection in SDN. Journal of Cloud Computing, 14(1). https://doi.org/10.1186/s13677-025-00745-w
Alshehri, A. (2025). Developing a multi-layer agent framework to enhance AI-generated educational questions for cybersecurity. Journal of Umm Al-Qura University for Engineering and Architecture. https://doi.org/10.1007/s43995-025-00136-x
Alzakari, S. A., Aljebreen, M., Ahmad, N., Alhashmi, A. A., Alahmari, S., Alrusaini, O., Al-Sharafi, A. M., & Almukadi, W. S. (2025). An intelligent ransomware-based cyberthreat detection model using multi-head attention-based recurrent neural networks with optimization algorithm in IoT environment. Scientific Reports, 15(1), 1–21. https://doi.org/10.1038/s41598-025-92711-4
Azrica, H., & Sulubara, S. M. (2023). Legalitas transaksi e-commerce dalam platform Shopee ditinjau dalam Kitab Undang-Undang Hukum Perdata (Burgerlijk Wetboek), Undang-Undang Nomor 8 Tahun 1999 tentang Perlindungan Konsumen dan perspektif fiqih muamalah. Hakim: Jurnal Ilmu Hukum dan Sosial, 1(3), 1–23. https://doi.org/10.51903/hakim.v1i3.1305
Bhunia, S., Blackert, M., Deal, H., DePero, A., & Patra, A. (2025). Analyzing the 2021 Kaseya ransomware attack: Combined spearphishing through SonicWall SSLVPN vulnerability. IET Information Security. https://doi.org/10.1049/ise2/1655307
Botchkovar, E., Cui, K., Antonaccio, O., Perkins, R., & Maimon, D. (2025). The organized activities of ransomware groups: A social network approach. Technology in Society, 82(February), 102873. https://doi.org/10.1016/j.techsoc.2025.102873
Dafoe, J., Chen, N., Chen, B., & Wang, Z. (2024). Enabling per-file data recovery from ransomware attacks via file system forensics and flash translation layer data extraction. Cybersecurity, 7(1). https://doi.org/10.1186/s42400-024-00287-9
Hossain, M. A., Hasan, T., Ahmed, F., Cheragee, S. H., Kanchan, M. H., & Haque, M. A. (2025). Towards superior Android ransomware detection: An ensemble machine learning perspective. Cyber Security and Applications, 3(July 2024), 100076. https://doi.org/10.1016/j.csa.2024.100076
Li, Y., & Liu, Q. (2021). A comprehensive review study of cyber-attacks and cybersecurity: Emerging trends and recent developments. Energy Reports, 7, 8176–8186. https://doi.org/10.1016/j.egyr.2021.08.126
Oh, D. B., Kim, D., & Kim, H. K. (2024). volGPT: Evaluation on triaging ransomware process in memory forensics with large language model. Forensic Science International: Digital Investigation, 49(S), 301756. https://doi.org/10.1016/j.fsidi.2024.301756
Onwuadiamu, G. (2025). Cybercrime in criminology: A systematic review of criminological theories, methods, and concepts. Journal of Economic Criminology, 8(February), 100136. https://doi.org/10.1016/j.jeconc.2025.100136
Sarkar, G., & Shukla, S. K. (2023). Behavioral analysis of cybercrime: Paving the way for effective policing strategies. Journal of Economic Criminology, 2(September), 100034. https://doi.org/10.1016/j.jeconc.2023.100034
Seri Mughni Sulubara, A. A. (2024). Legalitas fintech peer-to-peer lending pinjaman online dalam aspek hukum konvensional. MANDUB: Jurnal Politik, Sosial, Hukum dan Humaniora, 2(2), 177–187. https://doi.org/10.59059/mandub.v2i2.1184
Seri Mughni Sulubara, H. P. L., Simbolon, N. Y., & F. R. (2024). Teori hukum perdata (Studi kasus: Transaksi e-commerce Shopee Paylater) (Edisi pertama). Tahta Media Group.
Seri Mughni Sulubara, I. (2024). Regulasi dan lisensi mengenai perlindungan hukum investor di platform fintech peer-to-peer lending dalam hukum konvensional. Jurnal Hukum, Politik dan Ilmu Sosial, 3(4), 431–442. https://doi.org/10.55606/jhpis.v3i4.4499
Seri Mughni Sulubara. (2024). Perlindungan data pribadi dalam kasus ransomware: Apa kata hukum? Eksekusi: Jurnal Ilmu Hukum dan Administrasi Negara, 2(November), 426–434. https://doi.org/10.55606/eksekusi.v2i4.1823
Soekanto, S. (2019). Penelitian hukum normatif. Hukum, 1(1), 4.
Sulubara, S. M. (2024). Menyajikan berbagai insiden cybercrime yang terjadi di Indonesia, termasuk pencurian data dan peretasan situs web pemerintah. Konsensus: Jurnal Ilmu Politik dan Komunikasi, 1(6), 199–206. https://doi.org/10.62383/konsensus.v1i6.692
Sulubara, S. M., & Tasril, V. (2025). Legal protection of cybercrime crimes from ransomware attacks and evaluation of the Cyber Security and Resilience Bill 2025 in Indonesia’s defense. De Lega Lata: Jurnal Ilmu Hukum, 10(December), 287–297. https://doi.org/10.30596/dll.v10i2.25786
Sulubara, S. M., Fauzi, H., Muslim, B., Ferdiansyah, M. F., & Musmulyadi, M. (2025). Judi online sebagai cybercrime serta tantangan penegakan hukum pidana di era digital: Antara regulasi, pembuktian, dan ancaman cybercrime. Jurnal Riset Rumpun Ilmu Sosial, Politik dan Humaniora, 4(2), 539–552. https://doi.org/10.55606/jurrish.v4i2.4990
Sulubara, S. M., Lubis, H. P., & Simbolon, N. Y. (2024a). Legal review of electronic commerce-based buying and selling on the Shopee platform against consumers using Shopee PayLater. Proceeding of IROFONIC 2024, Proceeding(02), 392–402.
Sulubara, S. M., Lubis, H. P., & Simbolon, N. Y. (2024b). Legality of Shopee PayLater payments for Shopee platform e-commerce transactions in conventional law. DELEGALATA Jurnal Ilmu Hukum, 9(2), 247–256. https://doi.org/10.30596/dll.v9i2.20414
Sulubara, S. M., Tasril, V., & Nurkhalisah. (2025). Perlindungan hukum tindak pidana cybercrime dalam cyberlaw di Indonesia: Perkembangan teknologi dan tantangan hukum dalam mewujudkan cybersecurity (Edisi pertama). Tahta Media.
Tubaishat, A., & Alaleeli, H. (2024). A framework to prevent cybercrime in the UAE. Procedia Computer Science, 238, 558–565. https://doi.org/10.1016/j.procs.2024.06.060
Yan, P., & Khoei, T. T. (2025). Securing the Internet of Things: A comprehensive review of ransomware attacks, detection, countermeasures, and future prospects. Franklin Open, 100256. https://doi.org/10.1016/j.fraope.2025.100256
Zainuddin, M., & Karina, A. D. (2023). Penggunaan metode yuridis normatif dalam membuktikan kebenaran pada penelitian hukum. Smart Law Journal, 2(2), 114–123. https://journal.unkaha.com/index.php/slj/article/view/26
Books:
Sulubara, S. M., Tasril, V., & Nurkhalisah. (2025). Perlindungan hukum tindak pidana cybercrime dalam cyberlaw di Indonesia: Perkembangan teknologi dan tantangan hukum dalam mewujudkan cybersecurity (Edisi pertama). Tahta Media.
Sulubara, S. M., Lubis, H. P., Simbolon, N. Y., & Razi, F. (2024). Teori hukum perdata (Studi kasus: Transaksi e-commerce Shopee Paylater; Edisi pertama; Tahta Media, Ed.). CV Tahta Media Group.
Legislation:
Criminal Code (KUHP).
Rancangan Undang-Undang tentang Keamanan dan Ketahanan Siber.
Undang-Undang Republik Indonesia Nomor 1 Tahun 2024 tentang Perubahan Kedua atas Undang-Undang Nomor 11 Tahun 2008 tentang Informasi dan Transaksi Elektronik. (2024).
Undang-Undang Republik Indonesia Nomor 27 Tahun 2022 tentang Perlindungan Data Pribadi. (2022).
Undang-Undang Republik Indonesia Nomor 8 Tahun 1999 tentang Perlindungan Konsumen. (1999).
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Aliansi: Jurnal Hukum, Pendidikan dan Sosial Humaniora
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
