The recent ‘cyberhack’ involving a sum of $ 2.5 million being miscredited to a third party’s account, instead of the Australian Government as a creditor to Sri Lanka, is a crime of impersonation by way of email phishing, rather than a sophisticated computer system attack, Oppositional Member of Parliament Ajith P. Perera told Ada Derana recently (27).
“Technically, this is not a sophisticated technical infiltration into the system, by way of breaking down firewalls. This is basic trickery. An external party that was aware of the date of the debt repayment had sent an email and said that the due installment must be made to this new account. Without much hassle, the payment was made to the new account,” Perera said, speaking of the Treasury funds.
According to Perera, though officials involved within the process had at that point suspected the authenticity of the new account, they had reached out to through the email of the unknown external party, which was impersonating the Australian Government, for further clarification.
“It was an official with the Central Bank who suspected that this was suspicious, therefore the team at the Treasury then sent an email to the same email that had shared the new account, to clarify the authenticity of the account.”
The external party, according to Perera, posing as the creditor, reassured the team of the authenticity of the new account.
Perera said that once payments due had not been made on the due date, further investigation into the matter had commenced. “It was when concerns about the payment not being deposited on time had arisen, that it was found that a certain party had fraudulently obtained the money. This happened in January.”
He added that it would have been appropriate for the Ministry of Finance to inform the Committee on Public Finance of the matter in confidentiality, as the committee would have protected the sensitive information.
Last Thursday (23), Secretary to the Ministry of Finance Harshana Suriyapperuma, told media that the funds had been fraudulently diverted by the cyber criminals, by way of breaching a computer system at the Ministry of Finance.
“In January 2026, we found out that our Department of External Resources had faced an attempt by cyber hackers to enter and compromise the system. Immediately afterwards, the Ministry of Finance notified relevant law enforcement authorities to conduct a further investigation. We made a report to the SLCERT (Sri Lanka Computer Emergency Readiness Team) and the Sri Lanka Police Computer Crimes Investigation Division regarding the attempt made by hackers to compromise the system.”
Explaining the reasons for the hack, Perera said that the existing team which had overseen the transaction at the Treasury were inexperienced. “When it comes to such deception, this team is relatively inexperienced. In the last few months, after the appointment of this new Government, officers with experience at the Treasury had been shifted to other departments and some had willingly even joined other Ministries. A new team had been put in place, and this new team was not experienced.”