Data leaked by anonymous hacktivists put Sri Lankans at risk of cybercrime
As the massive protests against Sri Lankan President Gotabaya Rajapaksa entered their eighth week last month, the hacktivist collective Anonymous showed its support – in a way that alarmed cybersecurity experts and the general public alike. is asked if the organization was doing more harm than good.
On April 20, Anonymous, the decentralized collective of internet activists, hit the websites of the Ceylon Electricity Board, the Sri Lankan Police and the Ministry of Immigration and Emigration using denial of service attacks distributed (DDoS). Twitter handles affiliated with Anonymous said the group launched the #OpSriLanka hashtag in support of the people and was “declare a cyber war against the government.”
Many Sri Lankans had called on the group to intervene, using the hashtag #AnonymousSaveSriLanka on social media. But as part of the attack, anonymous hackers publicly shared thousands of usernames, passwords and email addresses from the Sri Lanka Scholar Database, a private portal that connects students to various higher education institutions and uses the official domain”. lk”. The Pirates posted similar information on agents registered with the Sri Lanka Bureau of Overseas Employment (SLBFE).
“What’s the point of hacking SLBFE?” This website includes[s] details of innocent Sri Lankan employees working overseas. [Rajapaksas] won’t hide their secrets in SLBFE”, a A Twitter user asked.
In addition to violating the privacy of ordinary Sri Lankans, the leaks also put them at risk of cybercrime and phishing attacks, said technology law specialist Ashwini Natesan. Rest of the world.
These people continue to be at risk because “unless fixed, another hacker can access the same database and collect employee passport details and other personally identifiable information, which can be sold on the dark web for around $50,” cybersecurity specialist Asela Waidyalankara Told Rest of the world. “These details can then be used for a number of cybercrimes, such as identity theft.”
In addition to the data leak, a Twitter account affiliated with the Ghost Squad, a politically motivated hacktivist team that is part of Anonymous, shared strategies for attacking the state-owned National Savings Bank, semi-government mobile service provider Mobitel and the digital platform provided by Sri Lanka Telecom for locals to get appointments with doctors. Waidyalankara said that fortunately these systems were not hacked. “If this had taken place, it would have revealed sensitive medical data on individuals.”
Experts say Anonymous’ attack exposed shortcomings in Sri Lanka’s cybersecurity infrastructure at a time when the country is facing the worst economic crisis since its independence in 1948.
Sri Lanka is in economic shambles because foreign remittances have slowed, tourism revenues have suffered from the pandemic, high global oil and gas prices are making everyday life expensive and the government is struggling to borrow from international lenders because of massive foreign debt. Costs of essential goods have soared in the island nation, along with daily power cuts, leading to ongoing anti-government protests across the country.
Given these circumstances, the government may not have the wherewithal to prioritize cybersecurity, which can leave its citizens vulnerable to future threats, experts have said. In March, the Sri Lankan parliament passed data protection legislation, which has not yet entered into force. “The Data Protection Act provides for the protection of personal data against misuse and misuse and has put in place the necessary notification processes. However, it has still not entered into force and the Data Protection Authority has not yet been established under the law,” Natesan said.
Sri Lanka’s technology ministry is “constantly taking extensive precautions against cyberattacks, and these will be further enhanced,” Secretary Jayantha de Silva said. Rest of the world.
If the government prioritizes cybersecurity, it will use taxpayers’ money to limit the damage, “so I don’t see how this attack contributes to the overall cause of the protests,” Waidyalankara said. The true impact of this cyberattack will be understood much later, Waidyalankara added. “If the country’s threat profile for cyberattacks was low to medium before, it would now be between medium and high.”
Meanwhile, the Anonymous attack is being used by some to spread misinformation. On April 22, a Facebook page called Lanka E News published an article in which they claimed to disclose the “hidden wealth” of the ruling Rajapaksa family. Lanka E News said this information was leaked by Anonymous during the cyberattack.
The message, which did not contain hyperlinks to data dumps or documents, claimed that the media houses and popular media personalities who reported on the economic crisis and the protests are implicated in the underhanded dealings of the Rajapaksa family.
Social media analyst Sanjana Hattotuwa, who researched the post, flagged it for “narrative corruption”. Hattotuwa discovered that the message was posted by different accounts at the same time, one of the “inauthentic spread signals”. This is an example of pro-government spreading of disinformation, seeking to derail the movement against President Rajapaksa, Hattotuwa said, adding that “the prevailing public belief that Rajapaksas are corrupt is being instrumentalized.” [by the creator]. “The post was shared on a number of Facebook groups supporting the anti-government protests, including ‘GoHomeGota2022’, which has over 300,000 followers.