The Impact of Web Vulnerability Exploitation on Data Integrity: A Review of Developers' Ethical Obligations and Legality

Authors

  • Muhamad Nazry Khoiry, UIN Syarif Hidayatullah Jakarta (Author)
  • Evy Nurmiati, UIN Syarif Hidayatullah Jakarta (Author)

DOI:

https://doi.org/10.65310/wjahqt98

Keywords:

Data Integrity, SQL Injection, Cybersecurity Law, Professional Ethics, Web Vulnerability.

Abstract

Web application security vulnerabilities, specifically SQL injection, pose a critical threat to data integrity, directly undermining the foundational security pillars of accuracy, completeness, and consistency. This study investigates the impact of such exploits through controlled black-box penetration testing on vulnerable prototypes, subsequently analyzing the findings against ethical engineering frameworks and Indonesian cyber law regulations. Empirical evidence demonstrates that inadequate security configurations lead to unauthorized data exfiltration and mass manipulation, which constitutes a severe breach of professional developer responsibilities. The research highlights that technical failures are inextricably linked to legal and ethical accountability, necessitating a transition from reactive patching to a proactive, security-by-design development paradigm. By mapping technical vulnerabilities to the governing legal statutes and professional ethics codes, this article establishes a mandate for developers to prioritize robust security architectures. The study underscores that strengthening digital resilience requires a cohesive integration of advanced technical defense mechanisms with strict adherence to national regulatory frameworks to ensure long-term data security and institutional accountability in the digital era.  

Published

2026-06-23

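How to Cite

Dampak Eksploitasi Kerentanan Web terhadap Integritas Data: Tinjauan Kewajiban Etis dan Legalitas Developer [The impact of web vulnerability exploitation on data integrity: A review of developers' ethical obligations and legality]. (2026). Journal of Engineering and Applied Technology, 2(1), 332-341. https://doi.org/10.65310/wjahqt98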