Sri Lanka is suffering through a debilitating economic crisis. Prices of essential commodities like rice, milk, and oil have risen sharply, sparking widespread protests against the government and political instability.
Decentralised hacktivist group Anonymous, which has been active in opposing Russia's invasion of Ukraine, stepped up in support of the people and declared "cyberwar" against the government of Sri Lanka.
Accounts connected with the group have since claimed to have targeted the websites of the Sri Lanka Police, the Ceylon Electricity Board, and the Health Ministry, primarily using distributed denial-of-service (DDoS) attacks.
While their campaign against the government has largely been ineffective, they have released data of thousands of ordinary Sri Lankan citizens that could leave them vulnerable to cybercrimes.
Sensitive Data Released
One account related to Anonymous released a database of usernames, passwords, and email addresses of thousands of people registered with Sri Lanka Scholar, a private portal that connects students to higher education institutions.
Hackers also released information about the agents registered with the Sri Lanka Bureau of Foreign Employment (SLBFE), prompting one user to write," What's the use of hacking SLBFE? This website include details of innocent Sri Lankan employees who work abroad. Rajapkshas won't hide their secrets in SLBFE."
None of these databases contain any information about the government's wrongdoings. However, they do leave Sri Lankans at significantly increased risk of cybercrimes, including phishing scams and impersonation.
"Unless fixed, another hacker can access the same database and collect the employees’ passport details and other personally-identifiable information, which can be sold on the dark web for about $50,” cybersecurity specialist Asela Waidyalankara told Rest of World.
Another attack was planned on the National Savings Bank, service provider Mobitel, and E-Channelling, a digital platform for Sri Lankans to get appointments with doctors.
If successful, this attack could have potentially revealed sensitive medical information about several people, Waidyalankara added.
What Is Anonymous?
Anonymous is a loosely organised group of hackers with members from around the globe, which appears to have been operating since at least 2008, when it targeted the Church of Scientology.
From there it pivoted towards 'hacktivism,' targeting governments and corporations over major issues. Members are known to wear Guy Fawkes masks and use voice changers or text-to-speech programs to mask their voices.
The group doesn't seem to have a clearly defined hierarchy or a formal set of rules, which makes it difficult to accurately attribute cyberattacks to them. Essentially, anyone can claim to be part of Anonymous.
On 16 February, Anonymous posted a video message warning Russian president Vladimir Putin to cease the war. Russian government websites and media outlets have since been targeted by the group.
(With inputs from Rest of World.)