Ransomware targets over 5000 government email addresses

Recently, the Sri Lankan Government experienced a significant data loss incident involving over 5000 email accounts. This incident, which occurred from May to August 2023, was the result of a cyber attack, specifically a ransomware variant. The severity of the situation was heightened by the fact that even the backup servers were compromised, making data recovery a challenging task.

The incident was primarily attributed to the use of outdated Microsoft Exchange 2013 software, which is no longer supported by Microsoft. This software was running on the Lanka Government Network (LGN), a critical network used by key government entities. The implications of this cyber attack are concerning, given the sensitive nature of the data stored in these email accounts.

Mahesh Perera, the CEO of the Information and Communication Technology Agency of Sri Lanka (ICTA), acknowledged the malware attack and hinted that the need for upgrading the Microsoft Exchange services had been pending since 2021. However, financial constraints within the government’s budget and the overall economic challenges faced by the country had delayed these upgrade plans.

The government has made it clear that it has no intention of negotiating with the attackers or entertaining any ransom demands. While there have been unofficial reports attributing the incident to specific ransomware groups, there has been no official confirmation regarding the identity of the attackers.

This incident unfolded at a time when Sri Lanka was already dealing with high inflation and the depreciation of the Sri Lankan Rupee in international markets. These additional challenges have further complicated the situation for the country.

