All Government offices using the “gov.lk” email domain, including the Cabinet Office, have lost data from May 17 to August 26, 2023, after a massive ransomware attack, the Information and Communication Technology Agency (ICTA) has confirmed.
The virus could have affected around 5,000 email addresses, ICTA CEO Mahesh Perera said, admitting that there was no offline backup for around two-and-a-half month’s worth of data. Since the online backup system had also been corrupted, users lost emails for that period. The Cabinet Office is among the entities in the Lanka Government Network (LGN). It uses the email@example.com email domain.
Following the attack, ICTA is taking measures to start daily offline backup and to upgrade the relevant application to the latest version which has stronger defences against virus attacks. And the Sri Lanka Computer Emergency Readiness Team (SLCERT) is working closely with ICTA to try and retrieve the lost data, Mr. Perera said.
The LGN is the Government-owned private network that was introduced to connect Government organisations in what the ICTA maintains is “a cost-effective and secure manner”.
The service is being provided from 2007, Mr. Perera said. “Initially, we used Microsoft Exchange Version 2003,” he explained. “The email facility was given to Government offices. In 2014, it was upgraded to Microsoft Exchange Version 2013. This was in use till the attack. But that version is now obsolete, outdated and vulnerable to various types of attacks.”
One gov.lk domain user said that their official email had been receiving suspicious links over the past few weeks and that someone may have clicked one, triggering the ransomware attack. ICTA had planned from 2021 to upgrade the email facility to the latest version but had been constrained by fund limitations and certain previous board decisions, the CEO said.
With the ransomware attack on the morning of August 26, the site was completely encrypted. While ICTA maintains several backups in the LGN cloud, the encryption process that corrupted the server replicated to the online backup systems.
The system was restored within 12 hours of the attack and the backup was also brought back, but without two-and-a-half months of storage. “As a result of this time gap, certain old emails were lost but the service was restored,” Mr. Perera said.
ICTA continues to receive complaints from users seeking full access to the service. The reason for not maintaining regular backup was attributed to “administrative problems”.
Meanwhile, like many other offices, ICTA has been affected by the brain drain triggered by the economic crisis and is recruiting new staff.
Ransomware attacks are no challenge to us at BLAKFX as we have set out to eliminate ransomware as a threat…Period.
Our mission for 2023 is to eliminate ransomware damage.
There is no organization in any sector that is safe from ransomware except those that utilize Helix22 data security SDK.
In Math We Trust
Ransomware Auditing as a Service (RaaS): as ransomware attacks have skyrocketed, they have come to represent the biggest threat to the data of government agencies, military, intelligence agencies as well as private enterprises. BLAKFX developed the first in the world Ransomware Auditing as a Service (RaaS) platform which allows our cyber security engineers to scan your network and simulate real-world ransomware attacks to test the prevention, detection and mitigation strategies of your organization and establish how resilient your network is to real ransomware attacks. After the scan we provide a comprehensive report and our recommendations for remediation.
If you are the victim of an actual ransomware attack, we are able to recover the data that has been hi-jacked during the attack and due to Helix22’s patented DNA BindingTM cryptography, restore it to its original state.
We can make this restoration claim as the tech engineers at BLAKFX invented and holds multi-patents on a genuine device2device (D2D) encryption. We manage data security transmission through the truly brilliant and also patented universal Helix22 key service. The Helix22 encryption originates on your network or device, not just when the app is opened. This means, that when data arrives to our key server, it is already encrypted so all it needs to do is issue another key. Signal and Telegram cannot claim this level of security. This key will then only work with the intended device, which generates a matching key required to open the data. In this protocol, we are truly a “zero-knowledge” server so your communications and transmissions remain completely top secret. Even in the event that BLAKFX were subpoenaed, we can honor the request by just handing over the encrypted content…as that is literally all we have. Helix22 also only use keys just one-time and then destroys them. This way the data security is future forward prefect. Therefore, in our unique device-to-device encryption (D2D) world, there is no opportunity at all for any data leak.
This same protocol just described, can be the same with all your 3rd party vendors and suppliers. It does not matter in the least what platform they are running or what device they are using or even the type of data, it is all 100% protected. We do however, strongly advise that all firms involved be utilizing Helix22 due to the nature of the data content. Helix22 can ensure that whatever data they are generating is protected as well.
Let’s take it a step further. Even if your organization were a victim of an internal attack or a victim of malicious open source downloads, there is no reason for concern. Any data that has been forwarded, downloaded, copied or saved cannot be exfiltrated. Period. We have the technology industries foremost data packets which are protected with multi-layered, military grade encryption algorithms that have already proven the ability to withstand penetration testing from MI5 and quantum computing attacks.
One final practical genius of DNA BindingTM is in that it is immediately compatible with whichever system or software you are utilizing. Therefore, any organization can forward information to another and then discuss it and there is immediate privacy.
Finally, the Helix22 encryption is quantum computing ready so no need to redo all your data security methodologies in a couple of years when everything else becomes obsolete.
In the BLAKFX data security world, ransomware or any other data centric attack cannot have any affect on your systems or data.
The Helix22 data security SDK accomplishes the following:
- Protects all your firms data at rest, in use and in transit
- Renders ransomware threats obsolete
- Eliminates human error
- Eliminates all malicious or interior attacks
- Verifies original content i.e. minimizes the threat of impersonation attacks and deep fakes
- Reduces latency
- Installs with 5 lines of code
- Runs on any platform, network, device and in any programming language i.e. Internet of Things enablement
- Provides perfect future/forward secrecy
- Delivers “zero-knowledge” encryption
- Perfect security when utilizing all SaaS products
- Compatible with all cloud, 3rd party and vendor services
- Secures the Internet of Things by providing protection at the Edge with ultra low latency
- Ensures privacy and security for blockchain and all cryptocurrency transactions
- Is quantum ready – so there’s no need to upgrade when the time comes
- Requires no employee training
- Exceeds all gov’t and banking standards
- Meets compliance regulations
BLAKFX is Based on Success
Our founders, Robert Statica PhD and Kara Coppa, also founded Wickr, which is used by the US military and has never been hacked since its inception in 2012. The Helix22 data security SDK is several generations enhanced since then. Dr. Statica also delivered the encryption for the world’s most secure phone, Katim.
Founder – Robert Statica PhD Founder – Kara Coppa
Co-Founders of Wickr KatimTM Ultra Secure Smartphone
Helix 22 – Zero Risk