Interviews and Discussions on Cyber Attacks and Cybervandalism and Other Cybersecurity Challenges in Sri Lanka Archives

The discussion centers on Cybersecurity challenges in the context of Sri Lanka's digital transformation. Experts stress the importance of awareness and responsible social media usage, acknowledging that no website is completely secure. They emphasize the need for proactive Cybersecurity measures, discuss the difficulties in prosecuting cybercriminals outside the country's jurisdiction, and call for improved cybercrime legislation, including addressing cyberbullying and harassment. Sri Lanka grapples with a rising cybercrime threat, necessitating education and specialized expertise. Collaboration among financial institutions is crucial, despite concerns about reputation, to enhance the overall Cybersecurity landscape.

Amid the internet disruptions, VPN usage surged, but caution is essential, as not all VPN services are secure. While they offer anonymity, free VPNs can compromise user data. Opting for paid VPN services is advisable to avoid security risks and data selling. The government's social media block aimed to combat the spread of fake news and hate speech, emphasizing responsible online behavior. Facebook struggles to tackle hate speech in local languages due to automation limitations, a problem not confined to Sri Lanka. Machine translations often lose context, necessitating investment in native language moderators and government collaboration with Facebook. The recent social media ban had significant economic and personal impacts, highlighting the importance of stability for democratic progress.

A cyber vandalism incident in Sri Lanka, Attributed to low-level hackers, defaced several websites, including government ones. While the damage was minimal , it highlights the need for proactive Cybersecurity measures.

Sri Lanka currently has the Computer Crimes Act, somewhat limited in addressing cybercrimes, necessitating a comprehensive Cybersecurity Act. Ratifying the Budapest Convention on Cybersecurity is also crucial. Responsibility for curbing hate speech on social media extends to Facebook, which has fallen short in monitoring and removal efforts. Collaboration with local universities for content moderation centers is proposed. Public vigilance in identifying and reporting radicalized individuals on social media is emphasized as a crucial preventive measure against potential threats.

The news was about the cyber attack on the government websites. Mr. Asela Waidyalankara explained how and who it was attacked by and how preventive actions need to be done to prevent these cyber attacks.

This is an event which was conducted by Asian Mirror on the topic of Cyberspace and mass media in Sri Lanka. Mr Asela was one of the panel of experts in this Event.

The discussion emphasizes the pressing need for improved Cybersecurity in Sri Lanka as the country grapples with its low ranking in the Global Cybersecurity Index and the growing digitization. It highlights the importance of early investment in Cybersecurity to safeguard critical data and infrastructure, along with the necessity of addressing issues like hate speech and misinformation on social media platforms while striking a balance between accountability and freedom of expression. Furthermore, the conversation delves into the global concern of Pegasus spyware, an advanced cyber eavesdropping tool. While there's no evidence of its use in Sri Lanka, various factors make it highly improbable, including the absence of Sri Lanka in an Amnesty International report on Pegasus targets, the stringent approval process by the Israeli Defense Ministry, and the considerable financial cost. Ultimately, the discussion underscores the importance of ongoing dialogues regarding security and privacy education in the country.

Anonymous, a loose collective of hackers, is known for hacktivism, disrupting government systems and websites. They lack a central organization and can attract cybercriminals. This poses risks, especially to people's personal data stored in government systems. Individuals and organizations should improve Cybersecurity practices, such as strong, unique passwords and two-factor authentication. Separate your financial transactions with a dedicated email and regularly back up your data. Don't trust Anonymous to achieve your goals; it can lead to unintended consequences and financial burdens. Research and seek professional help instead of relying on hacktivists. Be cautious and prepared for potential cyberattacks.

This is a Facebook podcast where Mr. Asela Waidyalankara explains the impacts of inviting the Anonymous for help and how it impacts every entity in Sri Lanka.

Recent discussions about inviting the hacktivist collective Anonymous to investigate Sri Lanka's cyberspace amid protests and fake news concerns have raised significant risks. Anonymous, known for its global hacking operations, consists of a mix of hacktivists, inexperienced individuals, and potentially criminal elements. Their involvement in Sri Lanka's protests could introduce unpredictability and potential harm to the largely peaceful movement. Additionally, the presence of cybercrime gangs within Anonymous poses a threat to personal data, which can be sold on the dark web. While state regulation may be necessary for online content monitoring, it should be carefully implemented to avoid selective enforcement. Sri Lanka also needs to enforce data protection laws, improve online safety education, and establish guidelines for digital curfews. With the increasing digitization of services, protecting citizens' data through strict standards and public-private partnerships is essential to ensure Cybersecurity and promote digital citizenship.

Mr. Asela Waidyalankara cautions that inviting the Anonymous hacktivist group to participate in taking down government infrastructure may not be as wise a move as people think. He points to the group's recent release of data from the Sri Lanka Bureau of Foreign Employment as evidence that not all hackers are trustworthy.

The Sri Lankan government's ICT agency confirmed a severe data loss incident caused by a ransomware attack affecting government email accounts from May to August 2023. Important government bodies, including the cabinet office, were impacted. The attack compromised the gov. lk email domain, potentially affecting 5,000 email addresses. Critical data was lost due to the absence of offline backups. In response, the ICT agency is implementing daily backups and upgrading security measures. Efforts are underway to recover the lost data. This incident underscores the need for enhanced Cybersecurity, considering previous data losses in Sri Lanka's digital initiatives.

Mr. Asela Waidyalankara was featured in this news to explain what ransomware is and how to prevent these kinds of cyber attacks.