- 
- Leaked facts by the hacker collective has put frequent Sri Lankans at critical threat of cybercrime




By Dimuthu Attanayake



restofworld.org: As significant protests towards Sri Lankan President Gotabaya Rajapaksa entered their eighth 7 days, past thirty day period the hacktivist collective Nameless stepped up to display guidance — in means that have left cybersecurity professionals and the basic public alarmed and pondering whether the organisation was undertaking extra harm than excellent.
On 20 April, Anonymous the decentralised collective of world-wide-web activists, hit the internet websites of the Ceylon Electrical power Board, the Sri Lanka Police and the Department of Immigration and Emigration utilizing dispersed denial-of-assistance (DDoS) attacks. Twitter handles affiliated with Nameless stated the group experienced began the #OpSriLanka hashtag in assistance of the people today and was “declaring cyberwar in opposition to the federal government.”
Several Sri Lankans experienced been contacting for the team to phase in, using the hashtag #AnonymousSaveSriLanka on social media. But as part of the assault, Nameless hackers publicly shared thousands of usernames, passwords and electronic mail addresses from the databases of Sri Lanka Scholar, a personal portal that connects pupils to various greater instruction establishments and works by using the formal “.lk” domain. The hackers produced related info about the brokers registered with the Sri Lanka Bureau of Overseas Employment (SLBFE).
“What’s the use of hacking SLBFE? This website incorporates[s] information of innocent Sri Lankan staff who perform abroad. [Rajapaksa’s] will not conceal their secrets in SLBFE,” a Twitter user requested.
In addition to violating the privacy of common Sri Lankans, the leaks also put them at threat of cybercrimes and phishing assaults, technological innovation legislation professional Ashwini Natesan advised Relaxation of Environment.
These people continue on to be at threat mainly because “unless fastened, another hacker can entry the similar databases and acquire the employees’ passport particulars and other personally-identifiable info, which can be marketed on the dim web for about $ 50,” cybersecurity specialist Asela Waidyalankara told Relaxation of Planet. “These information can then be made use of for a selection of cybercrimes, like impersonation.”
In addition to the facts leak, a Twitter cope with affiliated with the Ghost Squad, a politically enthusiastic hacktivist workforce that is a section of Anonymous, shared approaches for attacking the point out-owned Nationwide Price savings Bank, semi-government cell assistance company Mobitel and the electronic platform supplied by Sri Lanka Telecom for locals to get appointments with physicians. Waidyalankara explained that fortunately, these programs have been not breached. “Had this taken position, it would have uncovered delicate medical data about people.”
Specialists say Anonymous’ attack has highlighted the shortcomings of Sri Lanka’s cybersecurity infrastructure at a time when the nation is dealing with the worst financial crisis given that its independence in 1948.
Sri Lanka is in financial shambles due to the fact overseas remittances have slowed, tourism earnings has suffered from the pandemic, significant world oil and fuel costs make day by day existence high-priced and the govt faces issues borrowing from international loan companies owing to a significant superb exterior financial debt. The charges of important merchandise have skyrocketed in the island country, together with day by day ability cuts, resulting in ongoing anti-govt protests all-around the state.
Given these situation, the authorities could not have the usually means to prioritise cybersecurity, which may depart its citizens vulnerable to potential threats, experts stated. In March, the Sri Lankan parliament handed data security legislation, which has yet to appear into pressure. “The Info Defense Act delivers for defending individual information from misuse and abuse and has necessary notification procedures in spot. Nevertheless, it has still not come into drive and the Knowledge Protection Authority has not nevertheless been established underneath the Act,” Natesan claimed.
The Sri Lankan Ministry of Technology “is consistently getting a whole lot of precautions versus cyberattacks, and these will be even further strengthened,” Secretary Jayantha de Silva advised Rest of World.
If the govt does prioritise cybersecurity, it will be applying taxpayer income for problems command, “so, I do not see how this assault contributes to the basic result in of the protests,” Waidyalankara claimed. The real effect of this cyberattack will be recognized a great deal later on, Waidyalankara additional. “If the country’s menace profile for cyberattacks was reduced to medium before this, now it would be somewhere among medium to higher.”
Meanwhile, Anonymous’ attack is being used by some to unfold misinformation. On 22 April, a Fb site identified as Lanka E News revealed a submit in which they claimed to disclose the “hidden wealth” of the ruling Rajapaksa family members. Lanka E Information explained this info experienced been leaked by Anonymous all through the cyberattack.
The submit, which did not have hyperlinks to any knowledge dumps or paperwork, claimed that media homes and popular media personalities who have noted on the economic crisis and the protests are involved in the underhanded dealings of the Rajapaksa loved ones.
Social media analyst Sanjana Hattotuwa, who has researched the article, flagged it for “narrative corruption.” Hattotuwa found that the write-up was remaining revealed by diverse accounts at the exact time, a person of the “signals of inauthentic propagation.” This is an instance of a professional-government spread of misinformation, seeking to derail the movement towards President Rajapaksa, Hattotuwa reported, adding that “the dominant community perception that the Rajapaksa’s are corrupt is getting instrumentalised [by the creator].” The article has been shared on a amount of Facebook teams supporting the anti-authorities protests, like “GoHomeGota2022” which has around 300,000 followers.
(Source: https://restofworld.org/2022/nameless-sri-lankans-hacks-danger/)
Dimuthu Attanayake is an unbiased journalist and a researcher from Sri Lanka.








