Some 681 incidents of potential cyber threats were reported in Sri Lanka thus far this year, for the period from February to July, according to officials. This was a significant increase over 2010's total of 151 incidents. However, the majority of 2011's reports (655) were due to the opening of fake accounts (accounts using somebody else's identity or pictures) and/or hijacked accounts, which occurred in the case of free e-mail providers like Gmail, Hotmail, etc. and/or social networking sites like Facebook. These incidents were usually resolved by the person in question making a request for that account to be closed, according to information provided by the Sri Lanka Computer Emergency Response Team (SL CERT), a subsidiary of the state-run Information and Communication Technology Agency, whose mandate is to protect the country from all cyber security threats. The organisation is a member of the 26-country Asia Pacific CERT as well as FIRST, a 400-member public-private international organisation that also comprises most of the top software companies worldwide.
SL CERT's data also showed that the threat of fake accounts is a growing one as there were only 80 such incidents in 2010, and none the year before. On the other hand, other types of incidents mostly remained below or close to 2010 levels. These included malware (viruses), phishing (automated targeted emails, SMSs, Skype, faxes and other channel abuse where users are directed to malicious sites), abuse of or infringing on the privacy of personal online accounts, defacement of websites, scams such as Green Card lottery emails, etc., threatening or hate mail, and unauthorised access at places of business.
One malware incident was reported in 2011, to date, compared to five such incidents during the whole of 2010, and SL CERT noted that these were resolved by recovering the damaged systems. There were three phishing incidents reported this year, as opposed to six in 2010, which SL CERT dealt with in conjunction with Internet Service Providers (ISPs), international CERTs, etc. Further, there were five scams reported, down from 10 in 2010, and eight website defacements in 2010 as well as in 2011 thus far. The latter was handled through recovery of the websites.
Incidents of threatening or hate mail are low in 2011 with two reported thus far. This is in comparison to 12 in 2010. SL CERT handled these by getting ISPs to issue warnings to the mail's sender. Also, there were two incidents of abuse of personal accounts and five incidents of unauthorised access of company information, compared to 20 and 10, respectively, the year before, with some forwarded to the Criminal Investigation Department (CID) of the Sri Lanka Police for their criminal proceedings.
Meanwhile, according to SL CERT Chief Executive Lal Dias, while there have been increased incidents of cyber threats, these are akin to international trends and Sri Lankans should not be too alarmed, besides taking due precautions. He also pointed out that threat levels for the international financial community were more severe than locally, as 90% of all transactions in the West happened online or electronically, with this alternative used significantly less locally. However, he did reveal that the biggest area of electronic crime in Sri Lanka was bank card fraud.
Speaking of Sri Lanka's national infrastructure protection cyber strategy, the strategy which protects the country's automated infrastructure such as power, telecommunications, etc., he indicated that Sri Lanka was "defensive" rather than "offensive" as SL CERT's mandate was protection, and, as such, an "offensive" approach was not needed.
Mr. Dias also suggested that, while the local financial sector was more than capable of handling cyber threats that cropped up, SL CERT was in the process of setting up a CERT for the financial sector in conjunction with the local Central Bank. This is being done to share any vulnerabilities that come up with the entire industry. CERTs were also being set up for local telcos, education and armed forces.