International Journal of Progressive Sciences and Technologies

This research explores a pressing intersection between cybersecurity and public governance: the systematic hijacking of Indonesian government websites (.go.id domains) by online gambling actors. At the heart of the problem lie well-known yet persistently unaddressed vulnerabilities—SQL Injection, Cross-Site Scripting (XSS), outdated content management systems, and weak input validation—all of which enable attackers to deface official pages, implant backdoors, and redirect citizens to illicit platforms. This study proposes a twofold solution: technical hardening through automated vulnerability scans and patch management, and regulatory strengthening via targeted reform of Indonesia’s cyber law framework, particularly the Undang-Undang Informasi dan Transaksi Elektronik (UU ITE). Methodologically, the paper employs a triadic framework—combining real-world case study analysis, legal evaluation, and scholarly synthesis—to interrogate both the technological vectors of attack and the regulatory inertia that follows. Case examples, such as the 2022 defacement of the Jawa Timur website and the 2023 SQL breach of a ministry portal, illustrate both the ease of compromise and the inadequacy of state responses. The literature supports these findings: Albalawi et al. (2022) emphasise the technical detectability of defacement, while Djarawula et al. (2023) and Setiawati et al. (2022) point to legislative gaps that online criminals exploit with relative impunity. The study’s contribution lies in articulating an integrated model for national cyber resilience, bridging technical diagnostics with legal strategy. It concludes with a set of practical recommendations—ranging from near-term vulnerability audits and IT training to long-term legal reform and international collaboration—intended not only to protect Indonesia’s digital assets but also to offer a case study of wider relevance for states confronting similar threats in the evolving cyber landscape.

REFRENCES

Albalawi, M., Aloufi, R., Alamrani, N., Albalawi, N., Aljaedi, A., & Alharbi, A. R. (2022). Website Defacement Detection and Monitoring Methods: A Review. Electronics, 11(19), 6000.

Anggarini, A. D., & Prastyanti, R. A. (2024). KAJIAN HUKUM DAN REGULASI TERKAIT SERANGAN HACKING PADA PLATFORM DIGITAL DI INDONESIA / STUDY OF LAWS AND REGULATIONS RELATED TO HACKING ATTACKS ON DIGITAL PLATFORMS IN INDONESIA. Multidisciplinary Indonesian Center Journal (MIC.JO), 1(2), 1-10.

Djarawula, M., Alfiani, N., & Mayasari, H. (2023). TINJAUAN YURIDIS TINDAK PIDANA KEJAHATAN TEKNOLOGI INFORMASI (CYBERCRIME) DI INDONESIA DITINJAU DARI PERSPEKTIF UNDANG-UNDANG NOMOR 11 TAHUN 2008 TENTANG INFORMASI DAN TRANSAKSI ELEKTRONIK. Jurnal Cakrawala Ilmiah, 2(10), 3799-3808.

Madina, T. A., & Fadhli, M. (2024). Analisis Serangan DDOS pada Website Prodi Pendidikan Teknologi Informasi. Jurnal Nasional Komputasi dan Teknologi Informasi (JNKTI), 7(6), 1-12.

Mutaqin, M. F., & Ferdiansyah, D. (2022). Identifikasi Kerentanan Terhadap Serangan Slot Backdoor Pada Website di Indonesia Dengan Menggunakan Metode OSINT. Pasinformatik, 1(2), 47-53.

Nurseno, M., Aditiawarman, U., Maarif, H. A. Q., & Mantoro, T. (2024). Detecting Hidden Illegal Online Gambling on .go.id Domains Using Web Scraping Algorithms. Matrik: Jurnal Manajemen, Teknik Informatika, dan Rekayasa Komputer, 23(2), 365–378.

Prasetiyo, N. A., Huwae, R. B., & Jatmika, A. H. (2024). AUDIT DAN ANALISIS WEBSITE PEMERINTAH MENGGUNAKAN PENGUJIAN PENETRASI SQL INJECTION DAN CROSS SITE SCRIPTING (XSS) (Audit and Analysis of Government Websites Using SQL Injection and Cross-Site Scripting (XSS) Penetration Testing). Jurnal Teknologi Informasi, Komputer dan Aplikasinya (JTIKA), 6(2), 87-96.

Setiawati, S., Daulat, P. A. S., Sunarto, & Dewi, S. (2022b). The Urgency of Special Regulations for online Gambling in Indonesia. International Journal of Arts and Social Science, 5(7), 1-8.

Sharma, S. (2023). A Study of Vulnerability Scanners for Detecting SQL Injection and XSS Attack in Websites. Artificial Intelligence and Applications, 45-49.

Sulubara, S. M. (2024). Menyajikan Berbagai Insiden Cybercrime yang Terjadi di Indonesia, Termasuk Pencurian Data dan Peretasan Situs Web Pemerintah. Konsensus: Jurnal Ilmu Pertahanan, Hukum dan Ilmu Komunikasi, 1(6), 199-206.

Susanto, B., Suhana, & Husain, A. (2024). Industrial Online Gambling as Dangerous Cyber Crime in Indonesia. Ann Journal of Engineering Sciences (Improsci), 2(1), 1-9.

Widoyo, A. F., Mastori, & Arifin, Z. (2024). Online Gambling Problems in Indonesia: A Structural Dawah Approach. WARDAH Jurnal Dakwah dan Kemasyarakatan, 25(1), 79-94.

Wimukthi, Y. R., Kottegoda, H., Andaraweera, D., & Palihena, P. (2022). A comprehensive review of methods for SQL injection attack detection and prevention.