Ransomware Attack Overview

Victim Profile

An organization operating as Lanka Communication Services (Pvt.) Ltd., commonly known as LankaCom, is a telecommunications company headquartered in Colombo, Sri Lanka. Established in 1991, it operates within the telecommunications services sector and maintains a moderate-sized workforce of 51-200 employees.

Industry Standing

In the telecommunications sector of Sri Lanka, it holds a prominent position, offering a diverse range of telecommunications services. Its contributions significantly impact the connectivity and communication infrastructure of the region.

Incident Summary

DarkVault, a cybercrime group, has targeted the organization with ransomware, resulting in the unauthorized exfiltration of 1.1 GB of data, which has since been fully disclosed. With the ransom deadline of March 22, 2024, having passed, the situation is deemed critical, with the cyber risk factor rated as very-high. The organization must prioritize damage control measures, including breach assessment, risk mitigation, and the reinforcement of cybersecurity protocols to forestall future attacks.

Identified Vulnerabilities

The organization may have attracted threat actors due to its status as a telecommunications provider, holding valuable data and infrastructure. The combination of its moderate size and industry prominence could render it an appealing target for cybercriminals seeking operational disruption or ransom payments.

Sources:

• LankaCom LinkedIn Profile
• LankaCom Glassdoor Profile
• Dun & Bradstreet - Lanka Communication Services (Pvt.) Ltd.
• ZoomInfo - Lanka Communication Services (Pvt.) Ltd.
• WatchGuard Technologies - DarkVault Ransomware Tracker