July 02, Colombo: Sri Lanka yesterday launched a system of Bank Computer Security Incident Readiness Team (Bank CSIRT), a body formed to prevent cyber-attacks on banks.
Secretary to President Lalith Weeratunga launched the new system at the Central Bank of Sri Lanka yesterday (July 01) by sending out the first informational alert to all member banks.
The Governor of the Central Bank of Sri Lanka Ajith Nivard Cabraal expressing his views at the occasion said although Sri Lanka is not currently in a state of war and not facing foreign invasion, the country is ceaselessly engaged in cyber warfare, and a gap in the lines may bring the country's economy to its knees.
"Banks must maintain integrity, and protect sensitive privileged information, or the public will lose faith in the institutions. Therefore The Central Bank is committed to maintaining stability in the banking system," Cabraal said.
Introduction of a Bank CSIRT has become necessary because, though most banks and financial institutions in Sri Lanka have taken initiatives to establish information security measures, there is presently no formal collaboration between these institutions to pool critical information and knowledge for greater synergies in fighting threats and attacks.
Delivering the keynote speech at the launch, Secretary to the President said, CSIRT is one of the most important things in modern internet and banking. He stated that previously, if attacks originated within the country, they were easy to isolate due to the relatively fewer Information and Communication Technology (ICT) users compared with the present.
Weeratunga also revealed that many people have been victims of cyber-attacks recently, divulging their personal and financial information, and even transferring funds to the account of the attackers.
"Invasion of information systems occur daily, however, a sudden spike in major phishing attacks, over 250, were recorded during the recent turbulence in Aluthgama, with attackers attempting to take advantage of the chaos."
"To my mind, it is one of the most important and timely initiatives we have taken in the modern age of IT and banking," Weeratunga said.
"In the way we are connected to today, we have opened many new avenues for people to attack you. Invading our information systems happens on a daily basis. Many years ago, for someone, through some kind of manipulative measure, to get into your IT account and for it to be located were easy, because there were not many Internet or IT users. But today, this is extremely complex," he said.
Weeratunga commending the Computer Emergency Readiness Team | Coordination Centre (CERT|CC) the national CERT which created CSIRT said the team is up to the challenge of protecting the country's data, and act as the country's front line soldiers, fighting the war thanklessly, away from the public eye.