AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Sri Lanka data incident: ransomware attack hits government

A cyber disaster that could put national security at risk

The Sri Lankan government suffered a major cyber attack that compromised over 5000 email accounts due to outdated software. Backup servers were also compromised, making data recovery difficult. The government will not pay ransom to attackers.

This pill is also available in Italian language

The Sri Lankan government recently disclosed a major data loss incident involving over 5,000 email accounts from May to August 2023. According to authorities, the root cause of this incident was a cyber attack , specifically a ransomware variant. Unfortunately, the situation was further exacerbated by the fact that backup servers were also compromised, making data recovery an extremely difficult undertaking.

Outdated and vulnerable software

The Information and Communication Technology Agency of Sri Lanka (ICTA) identified the main cause of this incident as the use of outdated software, Microsoft Exchange 2013, which is no longer supported by the company. This outdated software had been installed on the Lanka Government Network (LGN), a critical network used by key government entities such as the Cabinet Office, presidential officials, the Ministry of Education and the Ministry of Health. The implications of this major data breach could prove disastrous, given the sensitivity of the data involved.

Financial problems and delays in updates

According to Mahesh Perera, CEO of ICTA, all Gov.lk email accounts were compromised by the malware attack, which was first discovered on August 26 this year. While he didn't specifically characterize this as a software update failure, he suggested that necessary revisions to Microsoft Exchange services had been delayed since 2021. Unfortunately, the update plans had been stalled due to financial constraints in the budget government and global economic challenges faced by the country.

Refusal to negotiate with the attackers

Perera clarified that the Sri Lankan government has no intention of negotiating or paying any ransom to the perpetrators of the cyber attack. In other words, no extortion requests will be considered. At the moment, there is still no official confirmation on the identity of the attackers, although an unofficial source suggested attributing the incident to the LockBit Ransomware or the Russian-speaking BlackCat crime group. Importantly, this incident occurred against a backdrop of high inflation and depreciation of the rupee in Sri Lanka, further exacerbating the challenges facing the country.

Follow us on Telegram for more pills like this

09/11/2023 12:45

Editorial AI

Last pills

Critical VPN flaw discovered: the TunnelVision attackA new type of DHCP attack threatens the security of VPN networks by exposing user data

An EU step forward against cyber stalkingNew EU measures to tackle gender-based violence and strengthen protection for victims

Dirty Stream: Microsoft identifies new attack on AndroidA new cyber threat threatens the security of Android users through compromised applications

Make it critical in Dropbox's e-signature serviceViolation of the electronic signature system exposes sensitive data