Connect with us

News

Massive ransomware attack on state email domain

Published

on

All Government offices using the “gov.lk” email domain, including the Cabinet Office, have lost data from May 17 to August 26, 2023, after a massive ransomware attack, the Information and Communication Technology Agency (ICTA) has confirmed.

The virus could have affected around 5,000 email addresses, ICTA CEO Mahesh Perera said, admitting that there was no offline backup for around two-and-a-half month’s worth of data. Since the online backup system had also been corrupted, users lost emails for that period. The Cabinet Office is among the entities in the Lanka Government Network (LGN). It uses the [email protected] email domain.

Following the attack, ICTA is taking measures to start daily offline backup and to upgrade the relevant application to the latest version which has stronger defences against virus attacks. And the Sri Lanka Computer Emergency Readiness Team (SLCERT) is working closely with ICTA to try and retrieve the lost data, Mr. Perera said.

The LGN is the Government-owned private network that was introduced to connect Government organisations in what the ICTA maintains is “a cost-effective and secure manner”.

The service is being provided from 2007, Mr. Perera said. “Initially, we used Microsoft Exchange Version 2003,” he explained. “The email facility was given to Government offices. In 2014, it was upgraded to Microsoft Exchange Version 2013. This was in use till the attack. But that version is now obsolete, outdated and vulnerable to various types of attacks.”

One gov.lk domain user said that their official email had been receiving suspicious links over the past few weeks and that someone may have clicked one, triggering the ransomware attack. ICTA had planned from 2021 to upgrade the email facility to the latest version but had been constrained by fund limitations and certain previous board decisions, the CEO said.

With the ransomware attack on the morning of August 26, the site was completely encrypted. While ICTA maintains several backups in the LGN cloud, the encryption process that corrupted the server replicated to the online backup systems.

The system was restored within 12 hours of the attack and the backup was also brought back, but without two-and-a-half months of storage. “As a result of this time gap, certain old emails were lost but the service was restored,” Mr. Perera said.

ICTA continues to receive complaints from users seeking full access to the service. The reason for not maintaining regular backup was attributed to “administrative problems”.

Meanwhile, like many other offices, ICTA has been affected by the brain drain triggered by the economic crisis and is recruiting new staff.

(The Sunday Times)

News

IMF grants waivers despite obligation breach & erred reporting

Published

on

By

The Executive Board of the International Monetary Fund (IMF) reviewed non complying purchases made by Sri Lanka under the 2023 Extended Arrangement under the Extended Fund Facility (EFF) as well as inaccuracies of information reported to the IMF.

However, the IMF has decided to grant waivers and not pursue further action, citing corrective measures and a commitment to reform by Sri Lankan authorities.

Following the Executive Board’s discussion, Deputy Managing Director and Acting Chair – Mr. Kenji Okamura, has issued the following statement:

“The Executive Board of the International Monetary Fund (IMF) reviewed non complying purchases made by Sri Lanka under the 2023 Extended Arrangement under the Extended Fund Facility (“EFF”), as well as a breach of obligations under Article VIII, Section 5. The noncomplying purchases arose as a result of the provision of inaccurate information by the authorities on the stock of expenditure arrears at the first, second, and third reviews under the EFF.

“The inaccuracies in information provided to the IMF were inadvertent and arose because of weaknesses in the timely reporting of arrears by line ministries to the Ministry of Finance, as well as a misunderstanding by the authorities of the definition of “arrears” under the Technical Memorandum of Understanding. 

“The Executive Board positively considered the authorities’ corrective actions, the fact that arrears repayments will be accommodated within the existing fiscal envelope, and the authorities’ commitment to improving public financial management procedures in line with the new PFM law, to reduce the risk of accruing arrears or inaccurate reporting of information going forward. In view of the above, the Executive Board agreed to grant waivers for the nonobservances of the quantitative performance criterion that gave rise to the noncomplying purchases and decided not to require further action in connection with the breach of obligations under Article VIII, Section 5.”

Continue Reading

News

Abdul Wazeeth appointed to Parliament from SLMC national list

Published

on

By

Abdul Wazeeth of the Sri Lanka Muslim Congress (SLMC) has been appointed as a Member of Parliament, the National Election Commission has announced.

His appointment comes following the resignation of former MP M. S. Naleem, who had entered Parliament through the SLMC National List after the 2024 parliamentary election.

Continue Reading

News

Tense situation in Kahawatta as residents clash with police

Published

on

By

Police had been compelled to use tear gas to control a tense situation that erupted between residents and police in Kahawatta following the funeral of a youth who was shot dead recently.

The funeral was held today (July 03) and the clash had broken out shortly afterwards.

Residents had expressed anger over the handling of the and had hurled stones at the police, reports say.

Continue Reading

Trending

Copyright © 2024 Sri Lanka Mirror. All Rights Reserved