-Ruwan Weerakoon reports
(Lanka-e-News -03.May.2026, 8.10 PM) The recent report regarding a $2.5 million USD cyber heist at the Sri Lankan General Treasury has now been formally acknowledged by the government, confirming a sophisticated infiltration of the External Resources Department (ERD) systems.
The investigation has escalated into an international inquiry due to the nature of the funds and the complexity of the breach.
The Sri Lankan government is actively seeking and receiving support from foreign law enforcement and technical experts to trace the funds and secure state infrastructure:
Federal Bureau of Investigation (FBI): The Criminal Investigation Department (CID) has officially reached out to the FBI for assistance in the forensic investigation. This collaboration is focused on tracking the digital footprint of the hackers and the movement of siphoned funds through international banking channels.
Australian Federal Police (AFP): Since the stolen money was a portion of a $22.9 million debt repayment owed to Australia, the AFP is collaborating with Sri Lankan authorities. The Australian High Commission in Colombo has confirmed awareness of these "irregularities" and is engaging in bilateral cooperation to resolve the matter.
System Assessment: A specialized team of cyber security experts has been tasked with assessing the Finance Ministry’s digital architecture. Their primary objective is to identify the "security holes" within the ERD's communication protocols that allowed for a Business Email Compromise (BEC) attack.
Recent weeks have seen significant internal and legal actions taken by the Ministry of Finance:
Official Suspensions: At least four to five senior officials, including Directors and the Head of the Computer Division at the Treasury, have been suspended as part of the internal inquiry into the security failure.
The "Digital Rat" Theory: Investigators believe hackers monitored government-to-government communications for months, eventually intercepting and altering bank account details in official emails to redirect the payment.
Tragedy in the Department: In a developing turn of events, Ranga Rajapaksa, the Director of the Department of Foreign Resources who originally filed the CID complaint regarding the fraud, was recently found dead. While initial reports cite a heart attack, there is significant public and media pressure for a deeper investigation into whether his death is linked to his role as a key witness in the scam.
Discovery of the Scam: Ironically, the $2.5 million theft (conducted between December 2025 and January 2026) was only fully uncovered when hackers attempted a second diversion of a payment intended for a creditor in India.
The Technical Investigation Committee, appointed in late March 2026, continues to work alongside the CID and international partners to determine if this was a purely external attack or if there were internal accomplices involved in the breach.
---------------------------
by (2026-05-03 14:36:42)
Read 3594 Times
Leave a Reply
0 discussion on this news