Sri Lanka has announced that a payment of approximately $625,000 (around 199.7 million Sri Lankan rupees) intended for the U.S. Postal Service has been unaccounted for over the past few weeks. This revelation follows reports from U.S. officials indicating that the payment did not reach its destination.
The issue came to light when authorities noticed hackers attempting to reroute another payment meant for India. This incident has raised alarms about the potential scale of financial irregularities affecting Sri Lanka.
Officials from Australia have also expressed awareness of discrepancies in payments owed to their country, hinting that the situation may be more extensive than initially believed. This disclosure follows the Sri Lankan government's ongoing investigation into a recent cyber theft of $2.5 million from its finance ministry.
Treasury Secretary Harshana Suriyapperuma stated in a press conference that hackers redirected funds from the postal authority to various bank accounts, rather than the intended recipient. These incidents appear to be part of a broader trend known as business email compromise, where cybercriminals infiltrate email systems or accounting platforms to manipulate bank transactions.
Business email compromise schemes have become increasingly common, with the FBI reporting that such attacks are a significant source of profit for cybercriminals. In fact, these breaches resulted in billions of dollars in losses last year, underscoring the severity of the threat.
The recent security breaches have intensified scrutiny on the Sri Lankan government, which is still grappling with the aftermath of an economic crisis that led to a debt default in 2022 and widespread protests. The political landscape shifted dramatically during this period, culminating in the resignation of then-President Gotabaya Rajapaksa.
Currently, it remains uncertain whether the two thefts are interconnected. Member of Parliament Nalinda Jayatissa has indicated that the government is exploring possible links between the incidents.
As Sri Lanka navigates these challenges, the emphasis on strengthening cybersecurity measures is becoming increasingly critical. The outcomes of these investigations could pave the way for enhanced security protocols, ultimately fostering a more resilient financial ecosystem in the future.
