Unveiling the Cybercrime Ecosystem: Impact of Ransomware-as-a-Service (RaaS) in Indonesia

Abstract

This study explores the rise of Ransomware-as-a-Service (RaaS) in Indonesia’s cybercrime ecosystem, highlighting its role as a significant digital security threat. RaaS lowers the technical barriers to executing ransomware attacks, enabling individuals with minimal expertise to launch sophisticated cyberattacks. Analyzing data from 2020 to 2024, this study identified Indonesia as a hotspot for RaaS-driven cybercrime in Southeast Asia due to low cybersecurity awareness and weak regulatory frameworks. Key findings reveal that government administration, healthcare, and finance are the most frequently targeted sectors due to their sensitive data and inadequate defense capabilities. Ransomware variants such as Luna Moth and WannaCry, dominate the malware landscape by employing tactics like phishing and exploiting outdated systems. These attacks result in severe socioeconomic consequences, including financial losses, operational disruptions, and reputational damage. This study contributes to our understanding of RaaS by examining its operational, economic, and regulatory dimensions in the Indonesian context. This underscores the urgent need for strengthened cybersecurity policies, public-private sector collaboration, and international cooperation to address transnational cybercrime. By providing actionable insights into attack patterns and mitigation strategies, this study aims to guide efforts to combat ransomware threats and enhance Indonesia’s digital resilience.