Potential Cybercrime and Prevention in the Overseas Official Travel Approval Letter

The aim of this research is to the potential for cybercrime and its prevention in foreign official travel approval letters. The research method used is normative juridical. The data collection technique is library research. The data analysis technique is descriptive qualitative which is used in the form of an interactive analysis model. The research results show that the potential for cybercrime in foreign official travel approval letters includes hacking, identity theft, data breaches, phishing, spamming, cyber vandalism, virus writers, XML injection, security configuration errors. To prevent cybercrime, the simple web application or https://simpel.setneg.go.id has data security, namely security testing by the state cyber and password agency, a captcha feature on the simple web, one time password feature on simple phones, application of certified digital signatures. The conclusion of this research is that the potential for cybercrime in overseas official travel approval letters is increasing. Prevention solutions can include educating users, using a hacker perspective, patch systems, policies, Intrusion Detection Systems bundled with Intrusion Prevention Systems, antivirus firewalls. Legal regulatory steps to support the implementation of cybercrime prevention solutions, namely Law No. 11 of 2008 concerning ITE and PP No. 82 of 2012 concerning the implementation of Electronic Systems and Transactions.


INTRODUCTION
Cybercrime is an illegal criminal act and dangerous behavior involving the internet computer of Information Communication Technology that function as tools, targets or places where crimes occur.
As an emerging social phenomenon in the information age, cybercrime has raised concerns throughout the world due to its high destructive power and widespread influence.Trust fraud, identity fraud, and other types of cybercrime are among them (Widijowati, 2022).Although computers or computer networks are the main components of cybercrime, it describes a more conventional criminal act in which Al Manhaj: Jurnal Hukum dan Pranata sosial Islam 88 a computer or computer network is used to assist or enable the commission of a crime (Sumadinata, 2023).
The rapid development of ICT has become increasingly significant as well as the number of criminal acts.The government shows evidence of losses due to cybercrime (Widijowati, 2022).
According to statistical data from We Are Social and Hootsuite, 5.07 billion people globally, or around 63.45% of the total world population of 7.99 billion people, are internet users as of October 2022 (Hardinato & Tata, 2023).The Internet facilitates or is necessary for almost all modern jobs.All computers in the world are connected via the internet, a worldwide network for communication, although using various hardware and operating systems (Hardinato & Tata, 2023).
Web-based applications are one way to use the internet.One of the main aspects of using web applications is how simple it is to get information from anywhere in the world via the internet (Styaningsih et al., 2023).Web servers and web pages form the two main parts of most web-based application systems.The most popular web server application according to Netcraft until December 2022 is Apache (Hardinato & Tata, 2023).Current advances in information technology seem to have two sides because apart from advancing human progress, prosperity, and civilization, they can also pose risks to the security of personal data (Nguyen, 2023).
The main targets of cybercrime attacks are institutions in the financial sector, transportation companies, IT companies, entertainment, health services, and government institutions based on statistical data published by Positive Technology in 2023.The National Cyber Security Agency Center through the National Cyber and Crypto Agency stated that the majority of cyber crime attacks in Indonesia target web applications, especially government sites (Sumadinata, 2023).Cybercrime via web applications is becoming more frequent and increasing every year.Web application security is a top priority for every individual, organization, or institution, especially web application users (Sumadinata, 2023).
Overseas Service Trips are assignments carried out by State Officials, Other Officials, Civil Servants, BUMN/BUMD Employees, or Indonesian Personnel given by State Institutions or Government Agencies, to carry out activities abroad at State expense (APBN/APBD), foreign/domestic donors, or at their own expense and who has undertaken an official trip abroad is required to make a written report regarding the implementation of their duties, by the provisions stated in the approval letter.Overseas official travel is carried out by an employee or employee of an institution or company related to official work duties.The use of Foreign Service Approval includes the legal basis for assignments, requirements for processing official passports, exit permits, and recommendations for service visas.The basis for providing facilitation for the payment of income tax for individuals who will depart abroad (fiscal) with applicable provisions, completeness of financial accountability Aas Rohmat, Hanuring Ayu Ardhiani Putri, Muhammad Muhtarom, Ismiyanto, Anies Fortina Febriani / Potential (Qohary & Inarto, 2021).
The Foreign Cooperation Bureau is a focal point in the Ministry of Education, Culture, Research and Technology which has the task of processing every application submitted by each work unit within the Ministry of Education, Culture, Research and Technology.In implementing the administration process for approval letters for overseas official travel, the Foreign Cooperation Bureau coordinates with the Ministry of State Secretariat and the Ministry of Foreign Affairs, where both ministries have applications to simplify and speed up the process of overseas official travel.In line with this, the Ministry of Education, Culture, Research and Technology has an overseas official travel application that can be integrated with existing applications in the ministry (Megandi et al., 2023).
Submitting a letter of approval for an overseas official trip, several document requirements must be met by employees who will undertake an overseas official trip (Rohmat & Elisanti, 2021).In the implementation of approval for overseas official travel, problems often occur including incomplete overseas official travel documents, late submission of physical documents, and documents given to the focal point are illegible, resulting in delays in the process of applying for external service to the Ministry of State Secretariat and the Ministry of Foreign Affairs (Megandi et al. al., 2023).
The Foreign Cooperation Bureau already has the e-PDLN application, an information system service for Overseas Official Travel, to facilitate the submission of administrative documents for overseas official travel in the electronic delivery system for overseas official travel documents.The webbased external official travel administration system (e-PDLN) in the Administration Sub-Section of the Foreign Cooperation Bureau can simplify and speed up the process of administering approval letters for external official travel.The development of the e-PDLN application is not only limited to the administration mechanism for overseas official travel but is an effort to simplify the overseas official travel process.It is hoped that the existence of the SIMPLE web application will make it easier for PDLN service users to submit requests for official travel abroad and of course can improve services for handling official travel administration more quickly, precisely, transparently, and accountably (Pratama, 2018).
The main features in the overseas official travel information system application are login module, application in process, application approved, application returned, application archive, assignment results report, and helpdesk.The SIMPEL application is used in the process of overseas official travel using of a login module where the user can log in with a username in the form of a registered email and a password that has been previously set according to the user's wishes.Applications in the process contain applications with status in the state secretariat process along with details of the application.
Users can click on the application if they want to see the details.Contains an application with approved status along with details of the application.Users can click on the application if they want to see the details.
This approved application also has a Download Approval Letter and Assignment Results Report feature.If the user chooses to download the approval letter, the approval letter file in PDF format will automatically be downloaded to the user's device.When an overseas official trip has been carried out, users can report the results of their official trip.This feature contains requests that are returned as shown in the screenshot.This module is used to view details of PDLN applications that have been archived.This feature is used to submit assignment results reports, in the form of substance reports, financial realization reports, and document uploads.An overseas official trip can be carried out by several participants who are members of one group.The Assignment Results Report can be filled in by one of the participants in the group.This Helpdesk menu is connected to the State Secretariat Web link.
The potential for cybercrime in the e-PDLN application, a website-based external official travel information system service on external official travel approval letters, is very possible.Several things that need to be studied about the emergence of applications (software) which are becoming more sophisticated day by day are related to privacy in cyberspace, including protection from spying, protection of personal data, and positional privacy.Every agreement regarding automatic downloads has provided an opening for application owners to hack personal data or track the whereabouts of application downloaders (Mohd. Yusuf DM et al., 2022).
The research aims to determine the potential for cybercrime and its prevention in approval letters for overseas official travel.Researchers chose this topic because this topic is very urgent to research regarding the increasing number of cybercrime problems and to provide solutions related to potential cybercrime problems in the SIMPLE application in overseas official travel application letters.Regulatory policies support the implementation of cybercrime prevention solutions.
Several countries have long paid more attention to the security of data in cyberspace.The implementation of these concerns is contained in national regulations related to information technology.Indonesia stipulates all rights and obligations related to cyber law in Law Number 19 of 2016 concerning Electronic Information and Transactions, abbreviated as the ITE Law (Nugraha, 2021).National legal regulations, bilateral agreements, and international legal regulations related to data are expected to be able to overcome problems related to the privacy aspects of potential cybercrime and prevention of cyber crime in foreign official travel approval letters (Destyarini et al., 2023;Dewi, 2022).This research contributes to existing literature related to cybercrime as well as to the wider community with solutions to preventing cyber crime.Legal regulatory policies and also legal certainty regarding cybercrimes.Many criminal acts related specifically to cyber crimes carried out using cyber internet technology are closely related to the SIMPEL application system in the process of overseas Aas Rohmat, Hanuring Ayu Ardhiani Putri, Muhammad Muhtarom, Ismiyanto, Anies Fortina Febriani / Potential Cybercrime and Prevention in the Overseas Official Travel Approval Letter 91 official travel which needs to be studied further.This research is important to carry out with the title "Potential Cybercrime and its Prevention in Approval Letters for Overseas Official Travel".

METHOD
The research method used is normative juridical.This type of secondary data comes from data that has been documented in the form of legal materials.The data collection technique is library research.Data collection will be carried out through library research collected through library research, namely by studying the provisions of the law regarding the analysis of potential cybercrime and its prevention in overseas official travel documents.All data collected is analyzed using interpretation techniques and then interpreted and described descriptively in accordance with the cases studied with the provisions of relevant laws and regulations and theories.

Potential for cybercrime in the approval letter for overseas official travel.
Cybercrime is a criminal activity in which a computer or computer network becomes a tool, target, or place of crime.As has been mentioned, cybercrime emerged along with the increasing intensity of digital, communication and information technology.Cybercrime is an unlawful act carried out using internet access which is based on sophisticated computer and telecommunications technology (Pervaiz et al., 2023).Analysis of the potential for cybercrime on the e-PDLN application, website-based Overseas Official Travel information system service on approval letters for overseas official travel is very likely to occur.The increasing development of cybercrime is now not limited to illegal access (Sabillon et al., 2016).Some potential cyber crimes in overseas official travel approval letters through the Overseas Official Travel information system service application in the form of SIMPLE or https://simpel.setneg.go.id are as follows: Hacking is the activity of breaking into someone else's computer program.Most of the online activities of hackers are legal and illegal.Hacking becomes illegal once it is used for unauthorized access to a computer system (Artikov, 2021).Ilegal hacking activities are usually part of organized crime networks, with specific motives and a high level of sophistication (Suci Meinarni & Sari, 2020).There are many categories of hackers, these categories include different terminology and iconography which gives rise to controversy over the term computer attacker.The media and general public call the people responsible for attacking and destroying computer systems hackers (Wijoseno & Widhiyaastuti, 2023).
A hacker is someone who likes computer exploration, has the skills to create and read certain programs, and is obsessed with monitoring security.There are 2 categories of hackers, namely White Hat and Black Hat.
Al Manhaj: Jurnal Hukum dan Pranata sosial Islam 92 1. White Hat Hackers are individuals with hacking skills who act to protect a network in a defensive manner.They work in a corporate environment as security.Notify the admin whose computer has been breached, that there are weaknesses in the program they own and have the potential to be compromised.The characteristics of white hat hackers are providing non-destructive information that will definitely benefit/help the victim.
2. Black Hat Hackers are individuals who break into other people's programs to damage, manipulate/alter, and steal their data.Hackers with extraordinary computing skills who are interested in malicious activities.Their motives are to cause damage, steal information, destroy data, and make money.The characteristic of Black Hat Hackers is that they carry out criminal activities that will harm their victims (Sabillon et al., 2016).
Identity theft or identity theft is a cybercrime crime of stealing someone's identity.An attacker pretends to be a different person to gain financial gain.Identity theft leads to identity fraud that exploits crimes such as financial identity theft, business identity theft, and criminal identity theft (Wijoseno & Widhiyaastuti, 2023).A data breach is the disclosure of data or information that violates confidentiality leading to distribution in the public domain.Leaks can occur by insider agents or hacker attacks.
Damage can affect or trigger a company's reputation, financial losses, lawsuits, stock prices, fraud, and physical assets (Sabillon et al., 2016).
Phishing is the activity of luring internet users in the hope that the user will unconsciously provide user data and password information on a website that has been defaced.Fraudulent processes that steal confidential information from end users.Phishing usually involves using fake websites.Phishers configure universal man-in-the-middle phishing kits to enable real-time URLs that interact with valid websites (Hermawan, 2013).Spamming is the sending of unwanted news messages, images, and advertisements via electronic mail (e-mail), search engines, instant messages (IM), and smartphones.
Spammers use botnets and virus-infected networks to distribute spam.However, many people are also affected and become victims (Wijoseno & Widhiyaastuti, 2023).
Cybervandalism is vandalism that occurs using computer technology.The most common attacks are website defacement, data deletion malware, DDoS, and social media account hijacking (Sabillon et al., 2016).Virus Writers are a group that tends to exploit weaknesses found by hackers, then code methods to execute computer weaknesses.XML injection: eXtensible Markup Language injection attacks are similar to SQL injection attacks.The primary vulnerabilities include code insertion to enter or export database data.Additionally, the XML query language XPath can be included using query statements for data retrieval or modification (Sabillon et al., 2016).Security misconfiguration is where web applications are often deployed by utilizing incorrect, default, or compromised configurations to access systems, networks, computers, servers, mobile devices, or interconnect devices that may have Aas Rohmat, Hanuring Ayu Ardhiani Putri, Muhammad Muhtarom, Ismiyanto, Anies Fortina Febriani / Potential (Wijoseno & Widhiyaastuti, 2023).
Legal aspects can be used to overcome and prevent potential cybercrimes, which requires cyber law.Cyber Law is a legal aspect whose term comes from Cyberspace Law, the scope of which covers every aspect related to individuals or legal subjects who use and utilize internet/electronic technology starting when they go "online" and enter the cyber world.Cyber Law in Indonesia related to cyber crime is Law Number 11 of 2008 concerning Information and Electronic Transactions (UU ITE).
Legal concepts used in discussing potential cybercrime crimes.Law is a system created to limit human behavior so that human behavior can be controlled.Law is certain written or unwritten rules or provisions that regulate people's lives and provide sanctions for violators.The law functions to protect the interests of internet service users and take firm action against perpetrators of cyber crime.The government needs to enact Law Number 19 of 2016 concerning Amendments to Law Number 11 of 2008 concerning Electronic Information and Transactions, which monitors blocking fraud sites and designs a good system to protect the public from the threat of cybercrime.

Prevention of cyber crimes in foreign official travel approval letters.
Submission of Official Travel Approval Letters which used to be manually changed to an electronic process.SIMPLE application that is not limited to the process of digitizing work mechanisms.SIMPLE is an online licensing web application built to improve the quality of public services in the issuance of government approval letters for overseas official travel (PDLN) carried out by State Officials, other Officials, Civil Servants, BUMN/BUMD Employees, and Indonesian Personnel assigned by State Institutions or Government Agencies, funded by APBN/APBD or by technical cooperation partners.The SIMPEL Mobile application can also be downloaded via the Android Play Store and iOS App Store.In the future, the SIMPEL application will continue to be developed to improve the quality and governance of overseas official travel licensing services.
It is hoped that the SIMPLE web application can make it easier for PDLN service users to submit requests for overseas official travel and of course can improve the service for handling official travel administration more quickly, precisely, transparently and accountably.The approval letter for overseas official travel uses the Overseas Official Travel information system service application in the form of SIMPLE or https://simpel.setneg.go.id which has been created by the Ministry of State Secretary.Simple data in there is a database, namely 1) Data Base of list of officials/employees of all K/Ls, 2) Data Base of PDLN reports for all K/Ls, 3) Data Base of PDLN budget usage.
Various technological products such as computers, for example, have been used as media for global information purposes, and these technological products also facilitate the rise of cybercrime (Wu et al., Al Manhaj: Jurnal Hukum dan Pranata sosial Islam 94 2023).Cybercrime takes quite several victims, especially from a personal and financial perspective.Most victims can only regret what happened.They hope to learn a lot from their experience.What needs to be done now is to prevent possibilities that could harm us as IT practitioners (Hall & Ziemer, 2023).
Cybercrime is a complex and external phenomenon, the proliferation of mobile devices, Wi-Fi networks, and the openness of the internet has increased the expansion of cyber attacks, cybercrime, and cyber victimization (Sugiarto & Qurratulaini, 2020).
Prevention of cybercrime attacks on foreign service approval letters for web applications used by a website that is the target of attacks (Agung et al., 2022).The SIMPLE web application or https://simpel.setneg.go.id is an external official travel information service.The SIMPLE web application or https://simpel.setneg.go.id contains Security Data, namely 1) Security Test by the National Cyber and Crypto Agency, 2) Captcha feature on SIMPEL Web, 3) One Time Password (OTP) feature on SIMPEL Mobile , 4) Implementation of Certified Digital Signature.
Cybercrime prevention can take the form of: 1. Educate User (providing new knowledge about Cybercrime and the internet world) 2. Use hacker's perspective (using thinking from the hacker's side to protect your system) 3. Patch System (covers weaknesses in the system) 4. Policy (determines policies and rules that protect your system from unauthorized people) 5. IDS (Intrusion Detection System) bundled with IPS (Intrusion Prevention System) 6. AntiVirus Firewall.
Cybercrime security prevention efforts are mainly focused on implementing technical approaches such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, and anti-virus software to reduce the threat of cyber attacks (Agung et al., 2022).This is in accordance with research studies that show that these methods can help to some extent reduce the adverse impact of cybercrime on both organizations and individuals (Mohd. Yusuf DM et al., 2022).
Protective prevention against cybercrime begins with taking personal measures for protection and then escalates to the organizational, societal, corporate, national, military, and international levels (Artikov, 2021).Deep cybersecurity defenses at all levels will minimize, prevent, and slow cyber attacks.(Sumadinata, 2023).The creation of national governance to combat cybercrime, international cooperation to prosecute cyber criminals, strengthening laws for prosecution, additional academic research, and a participating cyber security industry are just some of the areas that need improvement (Rosy, 2020) .
Signature in preventing cybercrime can take the form of preventing it by educating users, using a hacker's perspective, patch system, policy, IDS (Intrusion Detection System) bundled with IPS (Intrusion Prevention System), antivirus firewall.The suggestion from this research is that cyber crimes in the e-PDLN application, website-based external official travel information system services on external official travel approval letters must be handled immediately.Preventive protection against cybercrime begins with taking personal action for protection and then escalates to the organizational, societal, corporate or institutional, national, military and international levels.The government is increasing cooperation between countries, both bilaterally, regionally, and multilaterally, in efforts to handle and prevent cybercrime.Carrying out intensive outreach to organizations, communities, companies or institutions that use the e-PDLN application, website-based external official travel information system services on approval letters for external official travel specifically for preventing or dealing with cybercrime.Legal or regulatory steps to support the implementation of cyber crime prevention solutions, namely Law No. 11 of 2008 concerning ITE and PP No. 82 of 2012 concerning Implementation of Electronic Systems and Transactions.
Cybercrime and Prevention in the Overseas Official Travel Approval Letter 89 administration.Categories of types of overseas official travel letters are new applications, extensions, corrections, and cancellations Cybercrime and Prevention in the Overseas Official Travel Approval Letter 93 security holes.System managers who do not change the default configuration can open vulnerabilities to hackers