Sri Lanka is witnessing a sharp rise in cybercrime linked to foreign nationals, as organized criminal networks relocate their operations following intensified enforcement efforts in parts of Southeast Asia. Countries such as Myanmar and Cambodia have recently tightened regulations and cracked down on illegal online activities, prompting these groups to seek alternative bases. Sri Lanka, with its expanding digital infrastructure and tourism-friendly visa policies, has increasingly become a target destination.
Recent incidents highlight the scale and sophistication of these operations. In early May 2026, a major raid in Rajagiriya led to the arrest of nearly 120 foreign suspects from multiple countries, including China, Vietnam, Malaysia, and the Philippines. Authorities discovered that the group had been running a coordinated fraud network from rented apartment units, equipped with laptops, mobile devices, and other communication tools. The operation was believed to be linked to large-scale financial scams targeting both local and international victims.
Just a day prior, another raid in Thalangama resulted in the arrest of 37 Chinese nationals suspected of engaging in similar cybercriminal activities. These arrests form part of a broader pattern, with over 460 foreign nationals being connected to cybercrime investigations between January and mid-April 2026. Law enforcement officials note that many of these individuals enter the country on short-term tourist visas and overstay while participating in illicit operations.
A particularly alarming case involved a cyberattack on Sri Lanka’s Finance Ministry in April 2026. Hackers gained unauthorized access to the External Resources Department, resulting in a loss of approximately USD 2.5 million. Investigators later traced the breach to suspicious foreign currency transactions dating back several months, suggesting a well-planned and sustained effort.
In addition to online fraud, authorities have intercepted attempts to smuggle electronic devices into the country. At Bandaranaike International Airport, several suspects were caught with hundreds of mobile phones and tablets concealed on their bodies, believed to be intended for use in scam operations. These devices are often used to run fake investment schemes or so-called “pig-butchering” scams, where victims are manipulated over time into making large financial transfers.
The Sri Lankan government has responded by strengthening its cybersecurity framework and enhancing international cooperation. A dedicated cybercrime division was established earlier in 2026 to address the growing threat, as daily reported cases continue to rise. Officials are also working closely with foreign governments, particularly China, to facilitate the deportation and prosecution of those involved.
As cybercrime becomes increasingly transnational, Sri Lanka faces the challenge of balancing openness with security. Authorities emphasize the need for vigilance, improved digital safeguards, and public awareness to combat this evolving threat.
By a Special Correspondent