The recent hacking of Tiket.com is just the tip of the iceberg and the incident should prompt businesses to take drastic action to secure their websites, an information and communication technology executive said. (Antara Photo/Audy Alwi)

Tiket.com Hacking Shows Vulnerability of Indonesia's Online Businesses

BY :TABITA DIELA

APRIL 06, 2017

Jakarta. The recent hacking of Tiket.com, one of Indonesia's largest online travel agents, by a group of teenagers and a 27-year-old is just the tip of the iceberg and the incident should prompt businesses to take drastic action to secure their websites, an information and communication technology executive said.

"Most of the e-commerce sites only place emphasis on appearance and ease of use, while security issues receive less attention," Indonesia ICT Institute executive director Heru Sutadi told the Jakarta Globe on Thursday (06/04).

The ideal approach for businesses to keep their systems secure is to encrypt every transaction on their websites and to check for any loopholes regularly.

"Hopefully the case involving Tiket.com can make service providers aware that their services need [more] security to keep it safe from fraud, or attacks by hackers," he said.

The National Police said the group of hackers managed to loot more than $300,000 worth of airplane tickets from Tiket.com in October last year. The alleged crime was masterminded by a 19-year old.

Mustafa, legal officer at the Indonesian Consumer Protection Foundation (YLKI), said he has seen an increasing number of complaints related to hacking of various online platforms, including e-commerce sites and financial technology and banking services.

"Cases like this require valid proof," he said. "It's very hard to resolve the [hacking-related] cases that we handle."

With the increasing number of e-commerce sites and technological expansion, Mustafa said consumers – including those who purchase or sell goods on online marketplaces – must know that they are protected by law.

"The responsibilities of business owners are regulated under consumer laws," he said. "Businesses that provide web portal facilities must be held responsible for any losses [...] Anyhow, this constitutes a form of negligence from their side."

Global Network, the company behind Tiket.com, reported the case to the police in November last year.

"We proactively reported [the case] and are working with the police's Criminal Investigation Unit [Bareskrim]. For us, this issue was resolved in 2016," said Gaery Undarsa, Tiket.com chief communication officer and cofounder.

Gaery said he had made sure that Tiket.com is secure and that the system behind it is no longer compromised. He added that the company will continue to upgrade its security regularly.

However, he declined to discuss any details of the measures taken to improve security on the site.

SHARE