Carding
Professional
- Messages
- 2,870
- Reaction score
- 2,511
- Points
- 113
A lot of important data in recent months has been irretrievably lost.
Sri Lanka has launched an investigation into a large-scale ransomware cyberattack that affected the government's Lanka Government Cloud (LGC) system.
The investigation is being conducted by the Sri Lanka Computer Incident Response and Coordination Center (CERT-CC), which today confirmed the attack on its social networks.
According to experts, the attack began on August 26 this year, when one of the domain users "gov.lk" he reported that he had been receiving suspicious links for several weeks at the time of the request, and it is possible that one of the employees clicked on one of these links. As a result, LGC services and backup systems were quickly encrypted by attackers.
Mahesh Perera, head of Sri Lanka's Information and Communication Technology Agency (ICTA), said that all 5,000 email addresses using the domain were targeted "gov.lk", including addresses of the Cabinet of Ministers.
The system and backups were restored within 12 hours of the attack. However, due to the lack of data backup from May 17 to August 26, 2023, all affected accounts permanently lost information during this period.
The head of ICTA noted that the LGC system was first put into operation in 2007 based on Microsoft Exchange 2003, and in 2014 the mail server was updated to Exchange 2013. "This version was used until the recent attack, but now it is clear that it is outdated and extremely vulnerable," said Perera.
Although the Agency planned to update LGC to the latest version as early as 2021, the decision was constantly delayed due to limited funding and previous controversial management decisions.
After the attack, ICTA began measures to strengthen security, including daily offline backups and updating the mail server to the latest version.
The Sri Lankan government has previously been criticized for failing to effectively promote serious cybersecurity measures in government agencies and the private sector. According to the National Cybersecurity index of the Estonian Academy of E-Governance, the country is ranked 83 out of 175.
In June 2023, the Sri Lankan government finally unveiled the long-awaited cybersecurity legislation that will introduce the first national cybersecurity authority.
As can be seen from this incident, many organizations often underestimate the importance of banal cybersecurity measures, such as data backup. The damage from the attack could be minimized if data from the LGC was backed up every day.
However, do not forget about other security measures, because only a comprehensive approach to cybersecurity can provide an acceptable level of protection.
Sri Lanka has launched an investigation into a large-scale ransomware cyberattack that affected the government's Lanka Government Cloud (LGC) system.
The investigation is being conducted by the Sri Lanka Computer Incident Response and Coordination Center (CERT-CC), which today confirmed the attack on its social networks.
According to experts, the attack began on August 26 this year, when one of the domain users "gov.lk" he reported that he had been receiving suspicious links for several weeks at the time of the request, and it is possible that one of the employees clicked on one of these links. As a result, LGC services and backup systems were quickly encrypted by attackers.
Mahesh Perera, head of Sri Lanka's Information and Communication Technology Agency (ICTA), said that all 5,000 email addresses using the domain were targeted "gov.lk", including addresses of the Cabinet of Ministers.
The system and backups were restored within 12 hours of the attack. However, due to the lack of data backup from May 17 to August 26, 2023, all affected accounts permanently lost information during this period.
The head of ICTA noted that the LGC system was first put into operation in 2007 based on Microsoft Exchange 2003, and in 2014 the mail server was updated to Exchange 2013. "This version was used until the recent attack, but now it is clear that it is outdated and extremely vulnerable," said Perera.
Although the Agency planned to update LGC to the latest version as early as 2021, the decision was constantly delayed due to limited funding and previous controversial management decisions.
After the attack, ICTA began measures to strengthen security, including daily offline backups and updating the mail server to the latest version.
The Sri Lankan government has previously been criticized for failing to effectively promote serious cybersecurity measures in government agencies and the private sector. According to the National Cybersecurity index of the Estonian Academy of E-Governance, the country is ranked 83 out of 175.
In June 2023, the Sri Lankan government finally unveiled the long-awaited cybersecurity legislation that will introduce the first national cybersecurity authority.
As can be seen from this incident, many organizations often underestimate the importance of banal cybersecurity measures, such as data backup. The damage from the attack could be minimized if data from the LGC was backed up every day.
However, do not forget about other security measures, because only a comprehensive approach to cybersecurity can provide an acceptable level of protection.
