September 29, 2023

Sri Lanka’s government email network was hit by a ransomware attack that wiped months of data from hundreds of email accounts, including ones belonging to top government officials, authorities confirmed on Monday.

The attack, which began at the end of August, affected nearly 5,000 email addresses using the email domain. The victims include Sri Lanka’s council of ministers, which forms the central government of the country.

The targeted system, Lanka Government Cloud (LGC), was encrypted along with backups of the system. Although officials were able to restore LGC within 12 hours of the attack, they didn’t have backups from May 17 to August 26, so all affected accounts lost data from that period, according to Mahesh Perera, the head of Sri Lanka’s Information and Communication Technology Agency (ICTA).

The country’s computer emergency response team (CERT|CC) has started an investigation into the incident and is working to recover the lost data.

Perera told media outlets that the Sri Lankan government doesn’t plan to negotiate with the attackers or pay any ransom to retrieve the lost data.

It is currently unknown which hacking group is behind the incident. To gain access to the targeted system, the attackers might have used malicious links sent to government employees, according to ICTA. The hackers likely exploited a vulnerability in an outdated version of Microsoft Exchange that hadn’t been updated.

Officers needed to improve the system in 2021, however these plans had been delayed because of price range constraints and former board selections, Perera informed native media.

ICTA said it’s taking steps to improve security after the attack. This includes implementing daily offline backups and updating the email application to the latest version.

The agency didn’t respond to a request for comment.

The Sri Lankan government has faced previous criticism for its lack of attention to cybersecurity. The country doesn’t have a dedicated cybersecurity authority and only introduced cybersecurity legislation in June of this year.

Daryna Antoniuk

Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.