www.infosecurity-magazine.com
Open in
urlscan Pro
13.32.99.111
Public Scan
URL:
https://www.infosecurity-magazine.com/news/ransomware-sri-lanka-government/
Submission: On September 11 via api from TR — Scanned from DE
Submission: On September 11 via api from TR — Scanned from DE
Form analysis
2 forms found in the DOMGET https://www.infosecurity-magazine.com/search/
<form method="get" action="https://www.infosecurity-magazine.com/search/" role="search">
<input type="search" name="q" class="form-control" placeholder="Search site…" aria-label="Search keywords" required="required">
<button type="submit" class="form-button with-icon">
<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="Search">
<path d="M15 15L21 21M10 17C6.13401 17 3 13.866 3 10C3 6.13401 6.13401 3 10 3C13.866 3 17 6.13401 17 10C17 13.866 13.866 17 10 17Z" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"></path>
</svg>
</button>
</form>
GET https://www.infosecurity-magazine.com/search/
<form method="get" action="https://www.infosecurity-magazine.com/search/" role="search">
<input type="search" name="q" class="form-control" placeholder="Search Infosecurity Magazine…" aria-label="Search keywords" required="required">
<input type="submit" value="Search" class="form-button">
</form>
Text Content
* Log In * Sign Up * * News * Magazine Features * Opinions * News Features * Interviews * Editorial * Blogs * Reviews * Slackspace * Next-Gen Infosec * Webinars * White Papers * Podcasts * Industry Events & Training * Magazine Events * Online Summits * Company Directory * Application Security * Automation * Big Data * Business Continuity * Cloud Security * Compliance * Cybercrime * Data Protection * Digital Forensics * Encryption * Human Factor * Identity Access Management * Industry Announcements * Internet Security * Malware * Managed Services * Mobile Security * Network Security * Payment Security * Physical and Information Security Convergence * Privacy * Risk Management * The Internet of Things * Log In * Sign Up * * News * Topics * Features * Webinars * White Papers * Podcasts * EventsEvents & Conferences * Directory * * Infosecurity Magazine Home » News » Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data RANSOMWARE ATTACK WIPES OUT FOUR MONTHS OF SRI LANKAN GOVERNMENT DATA News 11 Sep 2023 WRITTEN BY KEVIN POIREAULT Reporter, Infosecurity Magazine * Follow @Kpoireault * Connect on LinkedIn * * * Investigations have begun into a massive ransomware attack that has affected Sri Lanka’s government cloud system, Lanka Government Cloud (LGC). The investigation is being conducted by the Sri Lanka Computer Emergency Readiness Team and Coordination Center (CERT|CC). Sri Lanka’s Information and Communication Technology Agency (ICTA) confirmed the attack to several local news outlets on September 11, 2023. The attack likely started on August 26, 2023, when a gov[dot]lk domain user said they had received suspicious links over the past few weeks and that someone may have clicked one. LGC services and the backup systems were quickly encrypted. Mahesh Perera, CEO at ICTA, estimated all 5000 email addresses using the “gov[dot]lk” email domain, including those used by the Cabinet Office, were affected. The system and the backup were restored within 12 hours of the attack. However, since the system didn’t have any backup available for the data spanning May 17 to August 26, 2023, all affected accounts have permanently lost data covering this period. CONCERNING SECURITY FAILINGS Perera told the press that LGC was introduced in 2007 and first used Microsoft Exchange Version 2003, but was updated to Microsoft Exchange Version 2013 in 2014. “This was in use till the attack. But that version is now obsolete, outdated and vulnerable to various types of attacks,” he said. Although the Agency had planned to upgrade LGC to the latest version (currently Exchange Server 2019 CU11 Oct21SU) from 2021, the decisions had been delayed due to “fund limitations and certain previous board decisions.,” Perera added. Following the attack, ICTA has started taking measures to enhance its security, including initiating daily offline backup routines and upgrading the relevant email application to the latest version. The Sri Lanka CERT|CC is also helping ICTA to retrieve the lost data. The Sri Lankan government had previously been criticized for failing to efficiently promote serious cybersecurity measures within its public administrations and its private sector. The country ranks 83rd out of 175 countries in the Estonia-based e-Governance Academy Foundation’s National Cyber Security Index. The Sri Lankan government unveiled in June 2023 long-delayed cybersecurity legislation – which will introduce its first-ever cybersecurity national authority. YOU MAY ALSO LIKE 1. INTERVIEW: NATHANIEL BORENSTEIN, CHIEF SCIENTIST AT MIMECAST Interview28 Jul 2017 2. #COVID19 ACCOUNTED FOR MASSIVE INCREASE IN Q1 PHISHING TRENDS News16 Jul 2020 3. LEARNING FROM THE FINANCIAL SECTOR'S CYBERSECURITY REGULATIONS Opinion25 Jul 2017 4. #SECURETOUR17: BUSINESS NIGHTMARE SCENARIOS DETAILED A WEEK SINCE #WANNACRY News19 May 2017 5. DON’T GET COMPLACENT ABOUT RANSOMWARE Opinion15 Dec 2016 WHAT’S HOT ON INFOSECURITY MAGAZINE? * Read * Shared * Watched * Editor's Choice APPLE PATCHES TWO ZERO-DAYS EXPLOITED IN PEGASUS ATTACKS News8 Sep 2023 1 MORE SCHOOLS HIT BY CYBER-ATTACKS BEFORE TERM BEGINS News5 Sep 2023 2 MITRE AND CISA RELEASE OT ATTACK EMULATION TOOL News6 Sep 2023 3 HOW TO FIND OUT IF YOUR DATA IS BEING SOLD TO A THIRD PARTY Blog11 Jan 2023 4 CISA ADDS CRITICAL ROCKETMQ BUG TO MUST-PATCH LIST News8 Sep 2023 5 API VULNERABILITIES: 74% OF ORGANIZATIONS REPORT MULTIPLE BREACHES News7 Sep 2023 6 UK BOARDS ARE GROWING LESS CONCERNED ABOUT CYBER-RISK News6 Sep 2023 1 SUFFOLK HIGH SCHOOL FORCED OFFLINE AFTER CYBER-ATTACK News4 Sep 2023 2 ADOBE COLDFUSION CRITICAL VULNERABILITIES EXPLOITED DESPITE PATCHES News1 Sep 2023 3 NEW REDDIT CISO TO TACKLE SECURITY CHALLENGES AND CHAMPION DIVERSITY Interview5 Sep 2023 4 SENSITIVE DATA ABOUT UK MILITARY SITES POTENTIALLY LEAKED BY LOCKBIT News4 Sep 2023 5 IBM REPORTS PATIENT DATA BREACH AT JOHNSON & JOHNSON SUBSIDIARY News7 Sep 2023 6 IDENTIFY HOW CYBER CRIMINALS USE GENERATIVE AI IN BUSINESS EMAIL COMPROMISE (BEC) ATTACKS Webinar3 Aug 2023 1 DON'T TAKE THE BAIT: COLLABORATIVE INTELLIGENCE TO BUILD PHISHING RESILIENCE Webinar27 Jul 2023 2 COMBATING INFOSEC COMPLIANCE FATIGUE: PAIN POINTS AND BEST PRACTICES Webinar30 Mar 2023 3 THE CHATGPT REVOLUTION: THE ROLE OF LARGE LANGUAGE MODELS IN ENTERPRISE IT Webinar18 May 2023 4 HOW TO MITIGATE CYBER-RISKS THROUGH A THREAT EXPOSURE MANAGEMENT PROGRAM Webinar20 Apr 2023 5 COUNTERING TODAY’S TOP EMAIL THREATS: A TEAM EFFORT Webinar29 Jun 2023 6 FBI'S QAKBOT TAKEDOWN RAISES QUESTIONS: 'DISMANTLED' OR JUST A TEMPORARY SETBACK? News Feature4 Sep 2023 1 GRU BLAMED FOR INFAMOUS CHISEL MALWARE TARGETING UKRAINE'S MILITARY PHONES News31 Aug 2023 2 NATION STATE CYBER-ATTACKS IN THE NEWS: HOW DO THEY AFFECT YOU? Webinar19 Sep 2023, 14:00 BST , 09:00 EDT 3 THE GENDER GAP IS WIDENING IN CYBER – WHAT CAN WE DO ABOUT IT? Opinion1 Sep 2023 4 BREWING A SAFER FUTURE: CARLSBERG'S CISO TALKS SASE AND NETWORK SECURITY Interview21 Aug 2023 5 WITH PHISHING GETTING HARDER TO SPOT, HOW CAN USERS STAY PROTECTED? Blog30 Aug 2023 6 THE MAGAZINE * About Infosecurity * Meet the team * Contact us ADVERTISERS * Media pack CONTRIBUTORS * Forward features * Op-ed * Next-gen submission * * * * Copyright © 2023 Reed Exhibitions Ltd. * Terms and Conditions * Privacy Policy * Intellectual property statement * Cookies Settings * Cookie Policy * Sitemap We use cookies to analyse and improve our service, to improve and personalise content, advertising and your digital experience. We also share information about your use of our site with our social media, advertising and analytics partners. Cookie Policy Accept All Cookies Cookies Settings COOKIE PREFERENCE CENTRE We process your information, to deliver content or advertisements and measure the delivery of such content or advertisements, extract insights, and generate reports to understand service usage; and/or accessing or storing information on devices for that purpose. You can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more, to change our default settings, and/or view the list of Google Ad-Tech Vendors. Cookie Policy MANAGE CONSENT PREFERENCES STRICTLY NECESSARY COOKIES Always Active Strictly Necessary Cookies These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information. Cookies Details PERFORMANCE COOKIES Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. Cookies Details FUNCTIONAL COOKIES Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. Cookies Details TARGETING COOKIES Targeting Cookies These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. If you do not allow these cookies, you will experience less targeted advertising. Cookies Details Confirm My Choices Back Button Back PERFORMANCE COOKIES Vendor Search Search Icon Filter Icon Clear Filters Information storage and access Apply Consent Leg.Interest All Consent Allowed Select All Vendors Select All Vendors All Consent Allowed Confirm My Choices