Sri Lanka Treasury Fraud Ruled Sophisticated Impersonation Scam, Not System Breach
AI-generated from multiple sources. Verify before acting on this reporting.
COLOMBO, Sri Lanka (AP) — Sri Lankan authorities have concluded that a recent cyber fraud incident targeting the national Treasury was the result of a sophisticated phishing and impersonation scheme rather than a direct breach of government computer systems.
Digital Deputy Minister Eranga Weeraratne announced the findings on Friday, stating that the investigation by the Sri Lanka Computer Emergency Readiness Team (SLCERT) and the Central Bank of Sri Lanka determined no unauthorized access was gained into the Treasury's internal networks. Instead, fraudsters utilized social engineering tactics to deceive officials into authorizing payments.
The scam involved the creation of fraudulent domains and email addresses designed to mimic those of a legitimate international company. The perpetrators also adopted names closely resembling those of actual government officials and corporate executives to lend credibility to their communications. This deception successfully misled Treasury personnel into processing financial transactions intended for the fraudsters.
Weeraratne emphasized that the integrity of the Treasury's digital infrastructure remained intact throughout the incident. The investigation focused on the communication channels used to initiate the fraudulent transfers, revealing that the attackers relied on human error rather than technical vulnerabilities within the state's cybersecurity defenses.
The Central Bank of Sri Lanka collaborated closely with the SLCERT to trace the origins of the fraudulent emails and the financial pathways used to move the funds. While the specific international company impersonated was not immediately disclosed, officials noted that the sophistication of the fake domains required significant technical effort to establish.
The incident has raised questions about the protocols for verifying high-value international transfers within the government. Authorities have not yet confirmed the total amount of money lost in the scheme or the number of transactions involved. Recovery efforts are ongoing, with international cooperation sought to track the movement of the funds.
Security experts note that impersonation scams targeting financial institutions have become increasingly common, often exploiting the urgency of business operations to bypass standard verification procedures. The Sri Lankan government has since initiated a review of its internal communication protocols to prevent similar incidents in the future.
No arrests have been announced in connection with the fraud, and the identities of the individuals behind the scheme remain unknown. The investigation continues as authorities work to secure the financial channels and identify the perpetrators responsible for the elaborate deception.