April 26, Colombo (LNW): Questions are being raised over possible lapses within a key institution following the diversion of a US$ 2.5 million foreign debt payment, with authorities examining whether internal vulnerabilities may have contributed to the incident.
Deputy Minister of Digital Economy Eranga Weeraratne revealed that investigators have already gathered substantial evidence as part of the ongoing inquiry. While early concerns hinted at a potential cyber breach, initial findings now suggest a more deceptive approach may have been used.
According to the Deputy Minister, the incident appears to involve a carefully orchestrated impersonation scheme. Fraudsters are believed to have created a web domain and email address closely resembling that of a legitimate international entity, enabling them to convincingly pose as authorised representatives. This, he explained, led officials to process the transaction under false pretences.
He indicated that the communication used in the scheme was sophisticated enough to bypass routine scrutiny, with only minor discrepancies separating it from genuine correspondence. These subtle differences, he noted, may have gone unnoticed, allowing the fraudulent instructions to be acted upon.
Despite speculation, Weeraratne stressed that there is currently no conclusive evidence pointing to deliberate involvement from within the institution. Instead, the focus has shifted towards identifying procedural weaknesses and improving verification mechanisms to prevent similar occurrences.
He added that investigations are continuing, with authorities working to establish a full timeline of events, identify those responsible, and determine how the deception was executed. A detailed report outlining the findings and recommended safeguards is expected to be released once the inquiry is complete.