Sri Lanka’s Government Cloud System, Lanka Government Cloud, Targeted in Massive Ransomware Attack

It has been reported that Sri Lanka’s government cloud system, known as Lanka Government Cloud (LGC), fell victim to a crippling ransomware attack. The attack, which began on August 26, 2023, was first brought to attention when a gov[dot]lk domain user reported receiving suspicious links. This incident marks a significant breach in the country’s cybersecurity infrastructure, raising concerns about the vulnerability of sensitive government systems.

Encryption of LGC Services

Upon detection of the attack, the perpetrators quickly managed to encrypt various LGC services and backup systems, causing widespread disruption. Disturbingly, all 5,000 email addresses associated with the ‘gov[dot]lk’ domain, including those used by the Cabinet Office, were severely impacted. This incident has shed light on the potential repercussions of cyberattacks on critical governmental communication channels.

Efficient restoration, but irretrievable data loss

Prompt and decisive action was taken by the authorities to mitigate the attack’s impact. The LGC system and backup were successfully restored within a commendable 12-hour period. However, the affected accounts unfortunately suffered permanent data loss spanning from May 17 to August 26, 2023. This loss highlights the importance of robust data backup strategies and serves as a cautionary tale for organizations to regularly update their security systems.

Outdated and vulnerable Microsoft Exchange version

An alarming discovery made during the investigation is that the LGC system was running an obsolete and vulnerable version of Microsoft Exchange. The failure to update the system was attributed to budget limitations and previous decisions, underscoring the critical need for prioritizing cybersecurity investments. This incident serves as a wake-up call for organizations to remain vigilant and proactive in ensuring their systems’ security.

Collaboration with Sri Lanka CERT|CC

To address the devastating impact of the attack and aid in the recovery process, the Sri Lanka Computer Emergency Readiness Team – Coordination Center (CERT|CC) has been actively involved. The CERT|CC has been working to retrieve the lost data and investigate the extent of the breach. Their expertise and assistance in dealing with the aftermath of the attack will be crucial in preventing future cybersecurity incidents.

Measures taken to enhance security

Recognizing the urgency and gravity of the situation, the Information and Communication Technology Agency (ICTA) has initiated various measures to enhance the security of government systems. This includes implementing daily offline backup routines to ensure the availability of critical data in the event of another attack. Additionally, efforts are underway to upgrade the email application, reinforcing the importance of using up-to-date software to safeguard against emerging threats.

Introduction of cybersecurity legislation

In response to this high-profile attack and the growing threat landscape, the Sri Lankan government unveiled long-delayed cybersecurity legislation in June 2023. The introduction of this legislation marks a significant step towards safeguarding the nation’s digital assets and protecting its critical infrastructure. The legislation will establish Sri Lanka’s first-ever cybersecurity national authority, which will work to strengthen the country’s cybersecurity capabilities and promote a proactive approach to defense against cyber threats.

The ransomware attack on Sri Lanka’s government cloud system, Lanka Government Cloud, has exposed significant vulnerabilities in the country’s cybersecurity infrastructure. The incident highlights the critical need for robust and up-to-date security measures to protect sensitive government systems. The effective restoration of services and collaboration with Sri Lanka CERT|CC demonstrates the importance of a coordinated response to mitigate the impact of cyberattacks. Furthermore, the introduction of cybersecurity legislation and the establishment of a cybersecurity national authority signify the government’s commitment to fortifying its cyber defenses. Moving forward, continued investment and implementation of best practices are crucial in securing Sri Lanka’s digital landscape and safeguarding critical national assets.

Explore more

Compliance Drives Regulated B2B Influencer Marketing in 2026

The shifting landscape of digital authority has fundamentally transformed how enterprise-level organizations engage with industry experts and thought leaders across global markets. As the professional world moves deeper into this period of technological saturation, the superficial tactics of the past have been replaced by a rigorous commitment to transparency and legal precision. In earlier years, the simple inclusion of a

Transforming Voice of the Customer Into Predictive Action

Corporate boardrooms often overflow with real-time dashboards and complex analytics, yet many organizations still find themselves blindsided by sudden shifts in customer loyalty and market demand. While the technology to capture feedback has become ubiquitous, the structural ability to interpret and act upon that data in a meaningful timeframe remains remarkably rare for the average enterprise. Most traditional systems are

How Will Databricks CustomerLake Redefine Agentic Marketing?

The ongoing evolution of the digital landscape has forced a radical reconsideration of how enterprises capture, process, and ultimately utilize the vast oceans of consumer data generated every second of the day. Modern marketing departments have long struggled with the paradox of having too much information but not enough actionable insight to drive meaningful consumer interactions in real time. The

How Can Small Banks Compete With Global Financial Giants?

Nikolai Braiden has seen the evolution of financial architecture from its early blockchain roots to the current wave of institutional modernization, and today he joins us to dissect a pivotal shift in venture capital. With BankTech Ventures recently deploying $15 million into AI and stablecoin solutions, the landscape for regional banking is undergoing a profound transformation. Braiden’s perspective as an

Bullski Presale Tops the List of Best Meme Coins for 2026

The current cryptocurrency market in 2026 has transitioned into a highly sophisticated arena where institutional standards and community-driven viral momentum converge to create unique financial opportunities. Investors are no longer satisfied with speculative assets lacking fundamental safeguards, leading to a significant shift toward projects that prioritize technical transparency and structured growth. In this evolving landscape, the Bullski presale has emerged