2022 is coming to an end, and we wanted to share with you how the year went for cyber security in Sri Lanka and around the world.
Anonymous Attacks on Multiple Websites
With the economic crisis and protests happening in Sri Lanka, a hacktivist group named Anonymous hacked several websites in late April 2022 to dig up sensitive information and information on corruption.
Some of the reportedly targeted 30 websites are as follows.
- Sri Lanka Bureau of Foreign Employment (SLBFE) database leaked with 1000+ entries
- Ministry of Health website
- Subdomain belonging to Ada Derana
- Business Today website with database leaked
Many, if not all, of the attacked websites are now back online. There is no update on any recourse taken over the leaked data.
When DoeNet Got Hacked in September
Although it cannot technically be called a hack, a 17-year-old used the open nature of the API of the doenets website (the website of Sri Lanka's Department of Examinations) to manipulate its data.
Experts say that it was less of a breach and more like walking into a home with the key on the door.
It has become a necessity to take tight measures to secure this important website which the future of many Sri Lankan students depends on.
Need for robust internet security framework in Sri Lanka
The need for a robust internet security framework in Sri Lanka has been deemed essential with the recent cyber security breaches in 2022 affecting many government institutions.
Since the first draft of the Cyber Security bill in 2019, there have been subsequent changes. Those publicly available in the recent draft are as follows.
- Establishment of the Digital Infrastructure Protection Agency of Sri Lanka
- Specifying the powers and functions of the Sri Lanka Computer Emergency Readiness Team (“CERT”)
- Enabling the designation of “Critical Information Infrastructure” (“CII”) by the Agency
- Penalties – a person whose computer system has been designated as CII and who does not comply with the requirements will first be given a warning by the Agency, followed by a penalty of up to Rs. 1 million for failing to conform with the requirements or to show cause for non-compliance
When a whole country goes offline
Costa Rica, a country in Central America, was attacked by the cybercrime group Conti.
Conti attacked Costa Rica’s health systems and national businesses and forced the government to declare a national emergency.
The aftermath included demands for millions in ransom.
The attacks on the country continued, leading it to request support from Microsoft, USA.
The country identified the need for a quick investment in cyber defense and recovery capabilities as a national priority.
Russia and Ukraine: What Happened with Cyber Developments
It is no news that a new era of warfare starts with cyber warfare that includes manipulation of information, attacks on infrastructure services, election influence & reconnaissance.
One such recent tragedy is the war between Ukraine and Russia, where the military war was predicated upon years of digital misinformation and cyberattacks by Ukraine's Russian adversaries.
Ukraine worked hard to keep its services online and to mount disruptive attacks against its invaders. This cyber chess war also enticed other hacktivists to join in on the action alongside Ukraine, leveraging massive DDoS attacks, malware attacks, and more against Russian infrastructure.
A MEGA Web DDoS attack
A massive DDoS (Distributed Denial of Service) attack hit Google Cloud Armor customers in June. It has been reported as one of the largest DDoS attacks; it lasted more than 1 hour and peaked at a reported 46 million requests per second.
It also involved more than 5,000 source IP addresses across more than 130 countries.
Security Player With Mandiant: Google
The top cloud market share belongs to AWS, with Microsoft Azure just behind. Google Cloud Platform places third, far behind them.
But Google’s recent $5.4 billion acquisition of Mandiant, which brings it a secure cloud foundation, seems to change the game.
With an evolved and integrated security foundation, Google Cloud Platform can compete not only on its reduced prices but also by offering its differentiating machine learning features to clients throughout the industry.
Were they able to catch the bad guys?
A Russian named Igor Dekhtyarchuk was indicted in a Texas federal court for his part in a cybercriminal marketplace where compromised data is openly sold to thousands of similar cyber criminals. But he remains at large and is still wanted by the FBI to date.
In another case, a 17-year-old British hacker was arrested and linked to hacks against Microsoft and Uber.
Rockstar Games, a popular game publisher, was breached in late 2022, and stolen non-public data was posted to forums on the internet.
Another group of cybercriminals was indicted in a Miami federal court for running elaborate fraud operations involving tax returns, fake business entities, stolen identities and collection of tax refunds.
Cyber crimes continued to increase in 2022, while more efforts were taken by the authorities to catch and convict cyber criminals.