AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Sri Lanka data incident: ransomware attack hits government

A cyber disaster that could put national security at risk

The Sri Lankan government suffered a major cyber attack that compromised over 5000 email accounts due to outdated software. Backup servers were also compromised, making data recovery difficult. The government will not pay ransom to attackers.

This pill is also available in Italian language

The Sri Lankan government recently disclosed a major data loss incident involving over 5,000 email accounts from May to August 2023. According to authorities, the root cause of this incident was a cyber attack , specifically a ransomware variant. Unfortunately, the situation was further exacerbated by the fact that backup servers were also compromised, making data recovery an extremely difficult undertaking.

Outdated and vulnerable software

The Information and Communication Technology Agency of Sri Lanka (ICTA) identified the main cause of this incident as the use of outdated software, Microsoft Exchange 2013, which is no longer supported by the company. This outdated software had been installed on the Lanka Government Network (LGN), a critical network used by key government entities such as the Cabinet Office, presidential officials, the Ministry of Education and the Ministry of Health. The implications of this major data breach could prove disastrous, given the sensitivity of the data involved.

Financial problems and delays in updates

According to Mahesh Perera, CEO of ICTA, all Gov.lk email accounts were compromised by the malware attack, which was first discovered on August 26 this year. While he didn't specifically characterize this as a software update failure, he suggested that necessary revisions to Microsoft Exchange services had been delayed since 2021. Unfortunately, the update plans had been stalled due to financial constraints in the budget government and global economic challenges faced by the country.

Refusal to negotiate with the attackers

Perera clarified that the Sri Lankan government has no intention of negotiating or paying any ransom to the perpetrators of the cyber attack. In other words, no extortion requests will be considered. At the moment, there is still no official confirmation on the identity of the attackers, although an unofficial source suggested attributing the incident to the LockBit Ransomware or the Russian-speaking BlackCat crime group. Importantly, this incident occurred against a backdrop of high inflation and depreciation of the rupee in Sri Lanka, further exacerbating the challenges facing the country.

Follow us on Google News for more pills like this

09/11/2023 12:45

Marco Verro

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon