Sri Lankan Government Suffers Severe Data Loss Due to Ransomware Attack

The Sri Lankan government faced a significant cybersecurity crisis. A large-scale ransomware attack on encrypted email servers resulted in severe data loss. The attack impacted over 5,000 government employees and led to the loss of critical emails sent between May 17 and August 26 of this year.

Data Loss Sri Lankan Officers: The Aftermath

The Information and Communication Technology Agency (ICTA) confirmed the devastating incident. That affects all government offices utilizing the “” email domain, including the Cabinet Office. Moreover, the attack left approximately 5,000 email addresses compromised. The absence of both offline and online backup systems during a crucial two-month period made recovery challenging, rendering several emails irrecoverable.

In response to this incident, ICTA swiftly implemented measures to bolster cybersecurity. They initiated a daily offline backup process and planned to upgrade relevant applications to the latest versions, incorporating enhanced defenses against virus attacks. Efforts are ongoing to recover the lost data, involving both ICTA and the Sri Lanka Computer Emergency Readiness Team (SLCERT).

Path to Recovery for the Sri Lankan Government

The Sri Lankan government agencies were urged to transition to more secure platforms like Microsoft 365, Office 365, or Exchange 2019 to enhance data security. Despite the successful restoration of the ICTA website, email recovery was hampered by the time taken to restore the systems. The incident underscores the urgency for modern, secure email facilities and robust backup strategies. Furthermore, the SLCERT has also warned the public of a phishing scam specifically targeting Sri Lankan nationals:

Sri Lankan

The attack shed light on the risks posed by legacy systems, emphasizing the importance of timely upgrades. The ICTA utilized outdated Microsoft Exchange Version 2013, which was susceptible to various cyber threats. The delay in system upgrades, partly due to administrative challenges, significantly contributed to the vulnerability.

Critical Lessons Learned

The ICTA cyber-attack exemplifies the vulnerability of governmental organizations to cyber threats and the crucial need for robust cybersecurity measures. Prompt action, regular updates, secure backup systems, and vigilant monitoring are imperative to safeguard sensitive government data from evolving cyber threats. As Sri Lanka grapples with the aftermath, the incident serves as a stark reminder of the ever-present cyber risks and the urgency to fortify national cybersecurity frameworks.

For more news and updates on Cybersecurity, visit The Cybersecurity Club.

Post navigation

Leave a Reply

Your email address will not be published. Required fields are marked *

Japanese Watchmaker Seiko Falls Victim to BlackCat Ransomware Attack

UK Electoral Commission Hit By Massive Data Breach: 40 Million Voter Records Exposed

Air Canada Faces Cybersecurity Breach: Records Compromised

USDoD Hacker Claims Data Leak of 58,000+ Individuals from TransUnion