A Nation Already on the Edge Takes Another Hit
Sri Lanka, still nursing the wounds of one of Asia's worst economic collapses in recent memory, has been dealt a fresh blow — this time in cyberspace. The country's government has disclosed that more than $3 million USD has been lost across two separate cybersecurity incidents that occurred within days of each other, sending shockwaves through an administration already under intense scrutiny over its handling of public finances.
The first incident saw hackers steal approximately $2.5 million directly from Sri Lanka's finance ministry. Days later, a second, unrelated breach came to light, revealing yet another missing payment that pushed the total losses past the $3 million mark.
What Happened at the Finance Ministry
Details remain limited as investigations are ongoing, but the breach targeting the finance ministry is being treated as a serious criminal matter. Hackers reportedly gained access to government payment systems and diverted funds before the intrusion was detected. The exact method of attack — whether phishing, credential compromise, or a more sophisticated supply chain attack — has not been officially confirmed.
Government officials confirmed both incidents publicly, though they have been careful not to attribute the attacks to any specific group or nation-state actor. Cybersecurity investigators are working to trace the movement of funds, though recovering stolen money routed through international financial networks is notoriously difficult.
The Timing Couldn't Be Worse
Sri Lanka declared bankruptcy in 2022, triggering widespread shortages of food, fuel, and medicine, and prompting massive street protests that ultimately forced then-President Gotabaya Rajapaksa to flee the country. Since then, the government has been working through an IMF bailout program and painstakingly rebuilding public trust in its institutions.
Losing millions of dollars to cybercriminals — across two separate incidents in the same week — is exactly the kind of news that undermines that fragile confidence. For a country where every dollar of foreign reserves matters, $3 million isn't a rounding error.
A Growing Threat Across the Developing World
Sri Lanka's predicament is part of a broader global pattern. Governments in the Global South, often working with older infrastructure and limited cybersecurity budgets, have become increasingly attractive targets for hackers. State-sponsored groups and financially motivated cybercriminals alike have exploited gaps in public sector digital defences to siphon funds meant for public services.
The Bangladesh Bank heist of 2016 — where hackers attempted to steal nearly $1 billion from the central bank's account at the Federal Reserve — remains the most dramatic example, but smaller incidents have become routine across South and Southeast Asia.
What Comes Next
Sri Lanka's government faces pressure to explain how two significant financial breaches could occur so close together, and what systemic failures allowed them to happen. Opposition politicians have already called for a full independent audit of government payment systems.
For now, the country is left counting its losses and hoping investigators can recover at least a portion of the stolen funds — while scrambling to shore up the digital infrastructure that protects what remains of its public treasury.
Source: TechCrunch
