Sri Lankan authorities are to attempt to recover, to the maximum extent feasible, the $ 2.5 million in funds that had been fraudulently diverted by cyber criminals by way of breaching a computer system at the Ministry of Finance, the Secretary to the Ministry of Finance, Harshana Suriyapperuma, told media yesterday (23).
The criminals, according to Suriyapperuma, had intercepted a debt repayment to the Australian Government.
Detailing the process by which the Ministry of Finance uncovered the attempt, Suriyapperuma said the following: “In January 2026, we found out that our Department of External Resources had faced an attempt by cyber hackers to enter and compromise the system. Immediately afterwards, the Ministry of Finance notified relevant law enforcement authorities to conduct a further investigation. We made a report to the SLCERT (Sri Lanka Computer Emergency Readiness Team) and the Sri Lanka Police Computer Crimes Investigation Division regarding the attempt made by hackers to compromise the system.”
“We also directed the officials in the Ministry of Finance’s Department of External Resources to look into whether these individuals had made other prior attempts to compromise the system. This process took some time – going back and looking over the payments made in the past few months.”
Suriyapperuma stated that once relevant reports had been retrieved for further investigation, it was then that the ministry found the payment redirection that had been committed by way of intercepting the email communications between the Sri Lankan government and its Australian Government creditor.
“Once we received the relevant reports, it was found that this cyber attack had been attempted before, thereby intervening in the dealings between the Government of Australia (as an international creditor that was undergoing debt restructuring with the Government of Sri Lanka) for a sum of $ 2.5 million.”
“Although the Sri Lankan government had followed due process to make the payments, instead of the creditor (the Australian government) receiving the money, the criminals who had intervened directed these sums to a different account,” Suriyapperuma said.
According to the Committee on Public Finance (COPF) Chairperson Harsha de Silva, who spoke to media on Wednesday (22), the Ministry of Finance had not notified the committee of the breach and previous cyberattack attempts that had been uncovered.
Referring to the treasury reserves, de Silva said: “I myself have said that the treasury has accumulated a certain amount of funds. Therefore, each rupee collected and each rupee spent, the ultimate responsibility or the mandate power lies with the Parliament’s Committee on Public Finance. If there has been a crime that has been committed, it needs to be informed to us. But there was no such notification made to us on the matter.”
De Silva said that the Ministry of Finance had not participated in three COPF meetings. “If this had been discussed, we would have been able to methodically solve this issue.”
The Australian High Commission in Colombo yesterday notified the public that the Ministry of Finance is in the process of probing irregularities in payments owed by Sri Lanka to the Government of Australia, thereby coordinating with Australian officials.
“Since investigations are currently underway, updates regarding this matter will be provided at an appropriate time in the future so as not to disturb those ongoing investigations,” the statement released by the embassy said.
The Finance Ministry stated that, in accordance with the existing agreements between Sri Lanka and foreign jurisdictions, necessary future arrangements will be made regarding this matter.