New cyber security bill, not panacea for all ills
The impending cyber security law will only help the country identify and take action against local threats, but won't be able to withstand international ransomware attacks such as the recent one, experts in the industry say.
They added that it is important for the country to beef up cyber security if such ransomware attacks happen in the future.
The Information and Communication Technology Agency (ICTA) has managed to recover over 80 per cent of the e-mail addresses lost in the recent ransomware attack on the Lanka Government cloud (LGC).
While ransomware attacks are very common, LGC not having an offline backup system is still concerning, industry analysts said.
“Added to the fact that they were using an obsolete version of Microsoft Exchange
Version 2013 when newer versions were available shows a major issue and lack of attention to software vulnerabilities. Microsoft Exchange version 2013 means obsolete, and Microsoft has already announced the end of support for the product. Regular software updates can mitigate known vulnerabilities that hackers exploit,” an analyst said.
Sri Lanka has seen an unprecedented increase in cyber security attacks in recent years, said Abbas Kamrudeen, past Chairman of FITIS (Federation of ICT Industry Sri Lanka). "Be it government, public, or private sector, the impact has been significant and sadly over 80 per cent of such attacks are not made public," he told the Business Times.
As the economy accelerates its digital adoption journey, Sri Lanka becomes a potential target for cyber-attacks from across the globe as its critical infrastructure is digitised, he said. “Ransomware is by far the most prominent of all attacks where an attack leaves some or all the organisation’s data encrypted. Attackers demand millions of dollars in payment through cryptocurrency to provide the decryption key to unlock all data."
Hence, local organisations most often are unable to pay and end up losing their data leading to inconceivable losses.
It is suspected that a user clicked on a malicious link in an email, which triggered the ransomware issue, Yohan Weerasinghe, CTO 3iTeam International said noting that regular cyber security training and awareness programmes for employees can help avoid such incidents. “Employees should be educated on recognising suspicious emails and there should be a mechanism to report them.”