Sri Lanka’s Central Bank has mandated stricter reporting protocols for cyber incidents targeting licensed banks, responding to a sharp rise in cyber threats and financial phishing attacks in 2024.
The new directive, outlined in a recent circular, requires banks to report any information technology (IT) incidents, cybersecurity breaches, or online scams to the Central Bank within two hours of detection. These incidents are classified into three categories:
IT incidents involving system failures or disruptions with operational or reputational implications.
Cybersecurity breaches compromising the confidentiality, integrity, or availability of bank systems and data.
Online and digital scams, including internet fraud that deceives users into giving away sensitive information or money.
The Central Bank emphasized the need for “prompt and transparent” reporting to assess risks, mitigate service disruptions, and protect assets. This move comes amid alarming figures from the 2024 Kaspersky Security Bulletin, which reported 9,218 financial phishing incidents in Sri Lanka—a sign of increasingly sophisticated tactics used by cybercriminals.
Financial phishing, where fraudsters mimic legitimate financial institutions to steal banking credentials and payment details, is becoming a serious concern for both individuals and businesses. Attackers typically employ malicious links and attachments, leading to severe financial and reputational harm.
“Phishing attacks in Sri Lanka are a clear sign that cybercriminals are becoming more sophisticated,” said Sam Yan, Kaspersky’s Head of Sales for Asia Emerging Countries. He urged businesses to adopt multi-layered cybersecurity strategies, stressing that cybersecurity must be treated as a core business priority.
Kaspersky’s data shows the rise of phishing is particularly acute in the business-to-business (B2B) space, with companies increasingly targeted via fraudulent financial communications. The report also recorded over 8.6 million web-based threats and 12.5 million local malware attacks in Sri Lanka in 2024, highlighting widespread vulnerability.
To defend against this growing wave of attacks, Kaspersky recommends the following measures for organizations:
Deploy anti-phishing technologies to detect and block malicious messages in real time.
Train employees to recognize phishing tactics and report suspicious behavior.
Implement multi-factor authentication (MFA) to enhance the security of financial transactions.
Kaspersky also offers the Kaspersky Unified Monitoring and Analysis Platform (KUMA), a solution designed to enhance event monitoring and cyber incident response.
While countries like Belarus, Moldova, and the Philippines remain global hotspots for cyberattacks, Sri Lanka is emerging as a key regional target. The Central Bank’s updated rules signal an urgent push to bolster the nation’s cyber resilience in the face of mounting threats.