Sri Lanka investigates missing $625,000 payment amid hacking concerns

Coverage from TechCrunch indicates that Sri Lanka is investigating a missing payment of approximately $625,000 to the U.S. Postal Service, with authorities suspecting a cyberattack.

The payment to the U.S. Postal Service went missing several weeks ago, according to Sri Lankan officials. The incident was detected after hackers allegedly attempted to redirect another payment intended for India. Australian officials are also reportedly aware of irregularities in payments owed to their country, suggesting the scope of these financial thefts may be wider than initially believed. This follows a separate incident where hackers allegedly stole $2.5 million from Sri Lanka's finance ministry. Treasury Secretary Harshana Suriyapperuma stated that hackers diverted funds from the postal authority to other bank accounts.

These attacks appear to be business email compromise (BEC) scams, a common tactic where cybercriminals infiltrate email or accounting systems to alter payment details. BEC attacks are highly profitable for cybercriminals, with the FBI reporting billions of dollars in losses globally last year alone. The successive security breaches add pressure on the Sri Lankan government, which is still recovering from a severe economic crisis and debt default in 2022. It remains unclear if the two thefts are connected, and an investigation is underway to determine any links.

Source: TechCrunch