AI DevwWrld Chatbot Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Middle East Low Code No Code Summit TimeAI Summit

Sri Lanka data incident: ransomware attack hits government

A cyber disaster that could put national security at risk

The Sri Lankan government suffered a major cyber attack that compromised over 5000 email accounts due to outdated software. Backup servers were also compromised, making data recovery difficult. The government will not pay ransom to attackers.

Contribute to spreading the culture of prevention!
Support our cause with a small donation by helping us raise awareness among users and companies about cyber threats and defense solutions.

This pill is also available in Italian language

The Sri Lankan government recently disclosed a major data loss incident involving over 5,000 email accounts from May to August 2023. According to authorities, the root cause of this incident was a cyber attack , specifically a ransomware variant. Unfortunately, the situation was further exacerbated by the fact that backup servers were also compromised, making data recovery an extremely difficult undertaking.

Outdated and vulnerable software

The Information and Communication Technology Agency of Sri Lanka (ICTA) identified the main cause of this incident as the use of outdated software, Microsoft Exchange 2013, which is no longer supported by the company. This outdated software had been installed on the Lanka Government Network (LGN), a critical network used by key government entities such as the Cabinet Office, presidential officials, the Ministry of Education and the Ministry of Health. The implications of this major data breach could prove disastrous, given the sensitivity of the data involved.

Financial problems and delays in updates

According to Mahesh Perera, CEO of ICTA, all Gov.lk email accounts were compromised by the malware attack, which was first discovered on August 26 this year. While he didn't specifically characterize this as a software update failure, he suggested that necessary revisions to Microsoft Exchange services had been delayed since 2021. Unfortunately, the update plans had been stalled due to financial constraints in the budget government and global economic challenges faced by the country.

Refusal to negotiate with the attackers

Perera clarified that the Sri Lankan government has no intention of negotiating or paying any ransom to the perpetrators of the cyber attack. In other words, no extortion requests will be considered. At the moment, there is still no official confirmation on the identity of the attackers, although an unofficial source suggested attributing the incident to the LockBit Ransomware or the Russian-speaking BlackCat crime group. Importantly, this incident occurred against a backdrop of high inflation and depreciation of the rupee in Sri Lanka, further exacerbating the challenges facing the country.

Follow us on Instagram for more pills like this

09/11/2023 12:45

Editorial AI

Last pills

Global blow to cybercrime: a major ransomware network has fallenCybercriminal organization busted: a success for global cybersecurity

Crisis in aviation: Rosaviatsia targeted by cyberattackCyber attack exposes vulnerability of Russian aviation sector

Introduction to the new SysJoker threatIn-depth analysis reveals evolutions and risks of SysJoker cross-platform malware

Cybersecurity strategies compared between Taiwan and JapanStrengthening digital defenses in the information age