Sri Lanka Government Hit by Ransomware, Loses Critical Data

Sri Lanka Government Hit by Ransomware, Loses Critical Data

Sri Lanka Government Hit by Ransomware, Loses Critical Data

Last week, authorities verified that a ransomware attack had targeted nearly 5,000 government email addresses in Sri Lanka, causing critical data loss. Significantly, the attack also impacted the country’s central government, specifically its council of ministers.

Emails and data stored on the Lanka Government Cloud (LGC) were encrypted by attackers, putting the government in a precarious situation.

Mahesh Perera, head of Sri Lanka’s Information and Communication Technology Agency (ICTA), stated that while they restored the system in 12 hours, data loss was substantial.

Unfortunately, there were no backups for data between May 17 and August 26 of this year. Therefore, many accounts lost important information that can’t be recovered.

The country’s Computer Emergency Response Team (CERT) has since launched a thorough investigation to find the perpetrators and recover the lost data. Sri Lanka’s government has made it clear it won’t negotiate with the hackers or pay any ransom.

Critics have long been pointing out Sri Lanka’s poor attention to cybersecurity. Shockingly, the country only introduced cybersecurity legislation this past June and does not have a dedicated national authority for cybersecurity.

Yet, Mahesh Perera admitted that the agency knew their Microsoft Exchange software was out of date and vulnerable. Plans to upgrade had been on hold since 2021 due to budget limitations and previous board decisions.

Immediate Steps Taken for Stronger Security

In the wake of this disaster, ICTA is taking drastic measures to improve its cybersecurity infrastructure. This includes starting daily offline backups and updating the email application to the latest version.

Furthermore, both ICTA and the Sri Lanka Computer Emergency Readiness Team are making concerted efforts to recover what can be saved from the lost data.

Despite all this, Sri Lanka stands 83rd in the National Cyber Security Index by the Estonia-based e-Governance Academy Foundation.

According to ICTA, the hack began near the end of August, and it’s suspected that malicious links sent to government employees might have been the entry point.

Specifically, an outdated version of Microsoft Exchange was likely exploited. When asked about this, Mahesh Perera agreed that the outdated software made their system vulnerable to attacks.

This attack could be a wake-up call for the country to prioritize cybersecurity. Subsequently, the country is in a rush to set up its first cybersecurity national authority following this incident.

Moreover, this attack has brought to light the need for immediate action on cybersecurity, not just in Sri Lanka but globally. After all, cyber threats are a universal issue that can impact any country, big or small.

Meanwhile, SLCERT has issued a public warning to all Sri Lankan nationals about an ongoing phishing scam.

In summary, the Sri Lankan government suffered a devastating ransomware attack affecting thousands of official email accounts and resulting in significant data loss. This has led to an urgent reevaluation of the country’s cybersecurity measures. Undoubtedly, the incident serves as a critical lesson for governments worldwide to fortify their digital infrastructures.

Krishi Chowdhary Journalist

Krishi Chowdhary Journalist

Krishi is an eager Tech Journalist and content writer for both B2B and B2C, with a focus on making the process of purchasing software easier for businesses and enhancing their online presence and SEO.

Krishi has a special skill set in writing about technology news, creating educational content on customer relationship management (CRM) software, and recommending project management tools that can help small businesses increase their revenue.

Alongside his writing and blogging work, Krishi's other hobbies include studying the financial markets and cricket.

Latest News

Customer Loyalty Major Statistics

Customer Loyalty Stats in 2023: Loyal Customers Spend More!

Crypto News

Top Crypto Gainers on September 28 – COMP, BCH, And MKR

In Q4 2023, the crypto market has settled in a total market cap range slightly exceeding 1 trillion. Meanwhile, Bitcoin continues to dominate the crypto market due to its large...

Crypto News

Analytical Insights Suggest a Potential 7,918% XRP Rally, Targeting $39 Based on Historical Data

In a recent analysis, financial pundits projected an unprecedented 7,918% surge in XRP value. This audacious prediction stemmed from a meticulous examination of historical data and an advanced Z-Score analysis. ...

X Could

X Could Become Profitable Next Year, Says CEO Yaccarino


DarkBeam’s Alarming Data Breach Exposes 3.8 Billion Records

Crypto News

Cardano Price Prediction: ADA Struggles To Enter Uptrend – Will It Drop Further?

Most Influential Tech Innovations

The 10 Most Influential Tech Innovations of the 21st Century