Reconstruction of Legal Policy in Handling Ransomware Attacks on National Critical Infrastructure in Indonesia
DOI:
10.59888/ajosh.v4i8.722Published:
2026-06-05Downloads
Abstract
This study aims to analyze and reconstruct legal policies in addressing ransomware attacks on national critical infrastructure in Indonesia using normative juridical methods through legislative and conceptual approaches. The results show that the legal provisions contained in Law Number 1 of 2024 concerning the Second Amendment to Law Number 11 of 2008 concerning Electronic Information and Transactions and Law Number 27 of 2022 concerning Personal Data Protection do not specifically regulate ransomware as a separate crime and do not provide comprehensive protection for national critical infrastructure. Furthermore, there are weaknesses in both normative and implementation aspects, including the absence of a legal definition of ransomware, weak cybersecurity standards, institutional fragmentation, and obstacles in digital evidence management and cross-border law enforcement. Therefore, legal policy reconstruction is needed through the establishment of specific norms related to ransomware, the strengthening of regulations for critical infrastructure protection based on a risk approach, the implementation of mandatory cybersecurity standards, as well as institutional integration and the enhancement of law enforcement capacity. This study contributes to the development of a legal policy model that is preventive, repressive, and adaptive to technological developments to ensure national security and Indonesia's digital sovereignty.
Keywords:
ransomware cybercrime legal policy national critical infrastructureReferences
Afifah, D. (2023). Perlindungan Konsumen Di Sektor Jasa Keuangan Pada Kasus Serangan Siber Ransomware Yang Menimpa Perbankan. Jiip-Jurnal Ilmiah Ilmu Pendidikan, 9318-9323.
Anbiyaa, F. (2025). Model Pemolisian Siber: Pendekatan Community Policing Dan E-Policing Dalam Penanggulangan Kejahatan Ransomware. Cerdika: Jurnal Ilmiah Indonesia, 53.
Apollyus, E. (2022). Eskalasi Reproduksi Cybercrime Pada Masa Pandemi Covid-19. Nusantara: Jurnal Ilmu Pengetahuan Sosial, 2063-2069.
Chowdhury, R. H. (2022). Digital government initiatives and national resilience: How digital governance frameworks were transformed post-COVID to maintain national services. World Journal of Advanced Engineering Technology and Sciences, 7(1), 224–240.
Desouza, K., Watson, R. T., & Xie, Y. (2025). Managing Digital Dependencies in a Connected Society: Policy Options for Ecosystem Transitivity.
Erwin, E. P. (2023). Transformasi Digital. Jambi: Pt. Sonpedia Publishing Indonesia.
Farisin, M. S. (2025). Menjaga Keamanan Digital Strategi Serta Kebijakan Swiss Dalam Mengatasi Ancaman Ransomware. Interdependence Journal Of International Studies, 69-80.
Harahap, A. R. (2022). Perlindungan Hukum Terhadap Sistem Pembayaran Transaksi Elektronik Lintas Batas Negara. Pekalongan: Nem.
Irfan, B. A. (2023). Pelayanan Publik Era Digital: Studi Literatur. Indonesian Journal Of Intellectual Publication, 23-31.
Jubhari, A. R. (2022). Tinjauan Hukum Pidana Internasional Terhadap Serangan Siber Menggunakan Virus Ransomware Wannacry Di Indonesia. Makassar: Universitas Hasanuddin.
Kurniawan, I. A. (2021). Penyebaran Virus Ransomware Wannacry Berdasarkan Undang-Undang No. 11 Tahun 2008. Penyebaran Virus Ransomware Wannacry Berdasarkan Undang-Undang No. 11 Tahun 2008, 427-432.
Nabila, F. I. (2024). Evaluasi Terhadap Kebocoran Data Dalam Sistem Perbankan Di Indonesia (Studi Kasus Ransomware Pada Bank Syariah Indonesia). Al-Qisth Law Review, 295-310.
Novita, A. P. (2023). Cyber Security Threats; Analisis Dan Mitigasi Resiko Ransomware Di Indonesia. Jurnal Ilmiah Sistem Informasi, 160-169.
Praptono, A. A. (2024). Tinjauan Kriminologi Terhadap Pelaku Kejahatan Pemerasan Dengan Menggunakan Virus, Ransomware Wannacry Sebagai Suatu Kejahatan Modern. Jurnal Intelek Dan Cendikiawan Nusantara, 1660-1669.
Ramadhan, G. (2023). Perlidungan Hukum Bagi Korban Ransomware Wannacry. Das Sollen: Jurnal Kajian Kontemporer Hukum Dan Masyarakat, 102.
Robbi, S. W. (2025). Pertanggungjawaban Pidana Terhadap Pelaku Tindak Pidana Ransomware Dalam Perspektif Peraturan Perundang-Undangan. Pampas: Journal Of Criminal Law, 282-295.
Simorangkir, A. S. (2024). Ransomware Pada Data Pdn Implikasi Etis Dan Tanggung Jawab Profesional Dalam Pengelolaan Keamanan Siber. Journal Sains Student Research, 324-331.
Sulubara, S. M. (2024). Perlindungan Data Pribadi Dalam Kasus Ransomware: Apa Kata Hukum? Eksekusi: Jurnal Ilmu Hukum Dan Administrasi Negara, 426-434.
Tus, D. S. (2021). Perlindungan Hukum Bagi Korban Serangan Ransomware. Vyavahara Duta, 126-136.
Wildan, A. A. (2025). Analisis Dan Evaluasi Peraturan Pemerintah No. 71 Tahun 2019 Tentang Penyelenggaraan Sistem Dan Transaksi Elektronik (Pste) Dalam Menanggulangi Kejahatan Ransomware Di Indonesia. Academos Jurnal Hukum Dan Tatanan Sosial, 41.
License
Copyright (c) 2026 Teguh Nugroho, Hidayati
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-ShareAlike 4.0 International. that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
