By: Staff Writer
July 27, Colombo (LNW): Sri Lanka is facing an alarming spike in cybercrime incidents in 2025, underscoring the country’s growing vulnerability in the digital era.
The Sri Lanka Computer Emergency Readiness Team (SLCERT) has reported over 5,400 cybercrime complaints so far this year—a significant surge that signals the urgent need for stronger cybersecurity measures and public awareness.
The vast majority of these cyber incidents are tied to social media misuse, with Facebook accounting for nearly 90% of reported cases. Other platforms such as WhatsApp, Instagram, TikTok, and Snapchat have also become common venues for malicious activity.
Experts note a sharp increase in crimes facilitated by artificial intelligence (AI), including AI-generated malware, deepfakes, and phishing scams, which are now being used not only for financial theft but also for harassment and misinformation.
Sri Lanka’s digital landscape—with over 7 million internet users and widespread use of social media—has become fertile ground for cybercriminals.
Fake profiles, hacked accounts, and hijacked messaging platforms like WhatsApp have become rampant. Cyberattacks are increasingly targeting not only individuals but also key institutions, raising concerns over national digital infrastructure resilience.
In March, several banks were hit by ransomware attacks, leading to the leak of nearly 1.9 terabytes of sensitive data, including national ID images and financial records.
In June, the National Water Supply and Drainage Board’s SMS gateway was compromised, with customers receiving ransom demands via the agency’s official shortcode—a breach that highlighted serious flaws in public sector digital defenses.
The Sri Lanka Police and Criminal Investigation Department (CID) have issued multiple warnings about the escalation of crimes using encrypted apps like Telegram, Skype, and WeChat.
Authorities say many cases involve sophisticated online financial fraud, where scammers trick victims using fake investment returns or fraudulent remote job offers. Often, victims are manipulated into sharing personal data or laundering money unwittingly.
Even more alarming is the rise in cyber-enabled human trafficking. Young Sri Lankans are being lured overseas with fake employment opportunities, only to be forced into online scam operations under duress.
Law enforcement and cybersecurity agencies are now ramping up public awareness efforts. SLCERT and the Police urge users to avoid suspicious links, protect passwords and OTPs, activate two-factor authentication, and review privacy settings regularly. They also advise against transferring money received from unknown sources or sharing banking details online.
As Sri Lanka’s digital footprint expands, experts stress that proactive cyber hygiene, public vigilance, and stronger institutional safeguards are essential to contain this rising wave of cybercrime.
