The Evolution of Cyber-Attacks in Sri Lanka

The Evolution of Cyber-Attacks in Sri Lanka

As you are already aware, cyber-attacks reported within the country has become more common in the recent past. Reflecting on these attacks, we noticed three trends that have been explained below:

Drastic increase in threats – Over the past two-to-three years, we have noticed that the number of cyber-attacks targeting Sri Lankan-based enterprises has been drastically increasing. We hear more stories about successful attacks compared to attacks that were detected and mitigated at their early stages.
Increase in the complexity of attacks – We aren’t talking about isolated, annoying viruses anymore that make our life a little difficult, for example folder.exe., rather attacks that go through multiple stages spanning over a period of time. Attackers improvise and adapt to the environment and leverage stealth mechanisms to remain undetected until the very last stage is executed.
Exponential increase in the impact of attacks – The impact of modern attacks is increasing rapidly. We have come across many instances where large organizations have been brought to their knees and took days to recover. In addition to the financial loss due to the abrupt stop of business, money and resources been spent on the recovery process, many organizations suffer significant reputational damage. News travels fast and bad news travels faster. Some attackers even go as far as releasing samples of stolen data to persuade companies to pay ransom.

In order to understand the current cyber attack trends within the country, let’s analyze what has changed over time from an attacker’s point of view and from a defender’s point of view.

The Evolution of Cyber Attacks in Sri Lanka – From an Attacker’s Point of View

Looking at how the attacks have evolved from an attacker’s point of view, there are a few key points that we have observed.

Sri Lanka is no longer a hidden target – For some time, we had the luxury of reading about attacks only in news or tech blogs. It was very rare for us to be at the receiving end of a cyber-attack. But that isn’t true anymore. Attackers have their eyes set on enterprises in Sri Lanka. With acceleration in digital transformation happening and changing work dynamics due to the prevailing pandemic, Sri Lanka is more visible to attackers who now view it as a viable target.

Attackers collaborate – Just like we collaborate to defend our organizations, attackers too have started to collaborate in order to be more efficient when running attacks. It is no longer required for a single attacker to run all the stages of an attack by themselves, instead they collaborate and function as a tag-team. For example, one attacker group may have expertise in stealing credentials, while another has expertise in stealing data or running ransomware attack campaigns. In such an instance, the former would tend to sell the credentials they stole to the latter, so they can run a ransomware attack. This enables the attackers to focus on what they are good at.

Everything is available at the right price – I believe most of us are familiar with the term XaaS (X-as-a-Service). Customers prefer to consume functions in the form of “as-a-Service” since you can get what you want without having to worry about the underlying technologies and maintenance overheads. This is true with attackers as well. Attackers rent out their infrastructure or services to interested parties to run attacks expecting a percentage of earnings in return. For example, Ransomware-as-a-Service (RaaS) is a very common thing these days.

Easy way to earn money – If you have been following the news and have been monitoring professional social networking sites such as LinkedIn, you will notice that there are a lot of professionals who are seeking work due to the effects of the pandemic. Attackers seek to lure such individuals by showcasing the potential of earning a quick buck.

The Evolution of Cyber Attacks in Sri Lanka – From a Defender’s Point of View

Cyber-attacks are no longer a smash and grab operation – In the past, it was very rare to experience an attack that had multiple stages and most attacks rarely spanned over a couple of hours. But now we experience attacks that have many stages, such as initial compromise, credential theft, privilege escalation, lateral movement, detonation, and these span over a period of time which could range from a couple of days, weeks, to even months. This makes it incredibly difficult to detect if you do not know where to look.

Attackers actively participate – Attackers have become more involved during the period the execution takes place. They no longer release viruses or worms and expect them to do the job on their own. Instead attackers are focused on creating and maintaining communication channels to the victim networks and dictating how the attack is executed. This enables them to be more devastating since they could quickly adopt and circumvent any changes the defenders place in order to thwart such attacks.

No more bringing your own tools – In the past, most attacks were done using tools created by attackers for that particular purpose. This made it easy for security solutions to detect such tools and prevent them from executing. But this is no longer the case. Attackers prefer to improvise, hence whenever possible, they would leverage legitimate tools used by administrators to carry out the attack. This is also known as “living off the land.” This makes it very difficult to detect since we would always have to consider the context of an event before deducing if it is malicious or not. One example would be an attacker compromising your software distribution tool to deliver a malicious payload within your network. Without knowing if the payload is malicious or not, you cannot accurately say if this activity is malicious or not.

Multiple entry points to exploit – In the past, an enterprise had an easier job protecting their networks since the perimeter was clearly defined. Anything within the organization’s premises was considered to be trustworthy and anything coming from outside was scrutinized before allowing access. But with the “New Normal” everything has changed. It is no longer about who is inside your premises and not since many or even all employees are working from home, connecting via secure links and have direct access to the heart of the organization, which are essentially the critical business applications. These devices that are allowed to connect are rarely scrutinized, hence act as easy entry points for attackers. This has made the defender’s lives much harder since now they must focus on multiple entry points (in some instance even unknown) rather than the few well-defined entry points they used to have.

In summary, the attack landscape has drastically changed and keeps changing, and attackers are becoming increasingly effective with time. We have a fare doubt in our minds whether we are putting enough effort to protect ourselves against these attacks. The time has come for us to up our game as defenders and work towards advancing our techniques in order to defend against the attackers who will never rest.

Rukmal Fernando
Associate Director – Cyber Security
MillenniumIT ESP

MillenniumIT ESP’s HealthVision Platform Revolutionizes Teletherapy and Sets the Stage for Global Impact

MillenniumIT ESP’s HealthVision Platform Revolutionizes Teletherapy and Sets the Stage for Global Impact

When MillenniumIT ESP (MIT ESP), along with the MJF Charitable Foundation (MJFCF), repurposed and adopted the HealthVision tele-medicine platform last year, they created a global benchmark in supporting children with special needs as well as their families. Almost a year later, the project has culminated in MIT ESP becoming a ‘Finalist – Microsoft Partner of the Year’ under the Inclusion Changemaker Category for its contribution toward this timely requirement of teletherapy services for children with Cerebral Palsy. This is only the beginning of what’s in store.

In October 2020, MJFCF and MIT ESP launched disABILITY – an app designed to support children with disability and their families by connecting them to expert guidance. The launch coincided with the World Cerebral Palsy Day and the application was aimed at complementing the MJF Foundation’s disability advice channel on YouTube in reaching children and people with disabilities in remote parts of Sri Lanka. The disABILITY app powered by HealthVision has been extremely successful and received well.

Children with special needs and their caretakers are now able to directly communicate with the MJFCF Team via audio, video and chat facility through a tri-lingual service. Moreover, the platform’s remote monitoring and response ability ensures patients’ health status can be brought to attention early enough so proactive intervention and individual care can be provided as and when required.

What’s significant about the award?

Microsoft’s Inclusion Changemaker Partner of the Year Award recognizes partner organizations that go over and beyond in offering innovative and unique solutions or services based on Microsoft technologies. These solutions are often those that aim to help customers solve common challenges related to diversity, economic access, digital inclusion, and accessibility.

The purpose of inclusion changemakers is to drive digital transformation toward a more inclusive and equitable world. This year, around 100 countries submitted over 4,400 projects.


What’s special about the tele-medicine platform?

  • Aims to increase greater awareness about Cerebral Palsy (estimated at around 40,000 people in Sri Lanka and 17 million around the world).
  • Fosters greater communication to address stigma around those with disabilities and encourage acceptance, respect and inclusion.
  • Promotes knowledge sharing and therapy, especially for children in Sri Lanka, around regions where access to such services is limited.
  • Ensures continuous care during crisis times, such as the lockdown due to the pandemic, where physical presence is deemed risky.
  • Insights into progress of care provided by using techniques that combine learnings with regular therapy.


Functionality and capabilities

MIT ESP adapted its Remote Patient Management platform, HealthVision, to assess, diagnose and continue online therapy for children with Cerebral Palsy and other special needs.

The uniqueness of this platform is its end-to-end capabilities, encompassing disability screening, pediatric diagnosis, early identification and intervention, multi-disciplinary team support, and therapeutic, educational and rehabilitation services. The platform also provides mobility aid support, child progress monitoring and follow up, as well as live video teletherapy. All these capabilities are seamlessly integrated with flexibility and agility at the core to easily adapt to specific use cases. The use of data analytics and Artificial Intelligence (AI) further adds value by providing analytical capabilities for faster and accurate decision making.

Platform features

  • Remote teletherapy and video conferencing – Realtime video teletherapy services connect patients (children) and their caretakers with the MJF Centers anytime, anywhere. This facility also allows for patients who live in remote parts of the island to easily connect with healthcare service providers via this platform.
  • Customizable assessment workflows – The MJF Foundation can customize and enable new assessment workflows to capture valuable information from patients and then assign them to their physiotherapist teams.
  • Multilingual capability – The application is supported by Sinhala, Tamil and English languages, catering to all three languages spoken in the country.
  • Data analytics and Machine Learning (ML) – The data gathered by the platform is used to create real time insights via dashboards. In addition, physiotherapists’ comments and reviews are taken into consideration in developing a ML model to help identify disabilities during the early stages and proactively provide care.
  • Omnichannel access – The application is developed to support mobile and web responsive access. It can be used via both Android and iOS supported devices.

HealthVision is designed as an asynchronous, near real-time platform to solve the challenge of meeting the ever-growing demand for healthcare with the limited capacity of healthcare providers. State-of-the-art technologies such as analytics and AI, coupled with automation will help further reduce the overall cost per engagement, making access to quality healthcare viable for everyone.

The use of HealthVision ensures the reduction of healthcare risks where deterioration in a patient’s health status can be brought to a provider’s attention early enough, enabling proactive intervention and personalized care, and assisting their caregivers, teachers and trainers who work with special needs individuals.

MillenniumIT ESP Team

The Ins and Outs of Ransomware-Attacks in Sri Lanka

The Ins and Outs of Ransomware-Attacks in Sri Lanka

A few years ago, Sri Lankan enterprises were fortunate that they only had to learn about cyber-attacks, such as ransomware, through media and Tech blogs, depicting horrifying stories on how such attacks brought large enterprises to their knees. Attackers forced helpless organizations, which were large in size and significant in terms of brand, to pay massive amounts of ransom to retrieve their stolen data. These organizations were heavily dependent on information technology to carry out their work. Many of us didn’t think such attacks would hit home due to a perception that we may be less appealing to such attackers. But that has changed. The question that organizations face is not “if a cyber-attack will happen?” rather “when will a cyber-attack happen?”

Many customers have recently reached out to us when they were hit by such an attack or when they suspected they were being attacked. Therefore, we have had our fare-share of experience in helping organizations to identify, respond, protect themselves, and recover from these cyber security incidents. When there’s news of a cyber-attack close to home, customers often reach out to us and ask questions such as – What actually happened, Do you know how we can check if we will be targeted, What do we need to do to make sure we will not be victims. Taking all of this into consideration, we wanted to share our experiences in dealing with such attacks, explain how these generally happen and possible preventive measures you can take to protect your organization.

From what we’ve gathered, most of these attacks have the following major steps, which I have explained below:

1. Initial compromise
2. Privilege escalation
3. Lateral movement
4. Persistence
5. Data theft (Less Common)
6. Payload detonation

The Initial Compromise is where the attackers gain access into your network, and there could be many ways in which this could happen. It could be as easy as brute forcing a Remote Desktop (RDP) session you have opened to the Internet to help with your remote working or it could by exploiting any zero-day vulnerability (or a very recently discovered vulnerability which hasn’t been patched) of your Internet facing webserver. A few ways to reduce the risk of the initial compromise is to expose Remote Sessions via a secure remote access VPN (with multifactor authentication), make sure you regularly patch your Internet server and ensure you do not expose unwanted services to the Internet.

Once the attacker gains access to your network, they explore to understand what sort of activities can be performed on that network. In most cases, the attacker tends to perform what’s called Privilege Escalation – in simpler terms, this means they try to elevate their level of access. To do this, they would try out methods such as guessing the passwords (Yes, mycompany@123 can be a very common password) or look for passwords stored in text files (Yes, this sounds very trivial, but the truth is when administrators force you to maintain strong passwords we often resort to simple means of remembering them, i.e. text files) or more complex methods such as running exploitation tools like mimikatz to steal credentials. The higher the access the attacker gets, the more damage they can do to a network. As a preventive measure, you can always try to force users to use complex passwords and educate them on how to keep the passwords safe. You could also monitor your user activity to detect abuse and misuse.

The next step of the attack is the Lateral Movement. In other words, once the attacker gains higher privileges on your network, it starts spreading the payload to all possible victim devices to cause more harm than damaging a single machine. Many would ask what makes a ransomware attack so devastating? The answer is its behavior of launching attacks on multiple devices within a small timeframe. This is what makes them so devastating and enables them to bring down organizations within a few minutes or hours. Most attackers utilize vulnerabilities on your network (e.g. the eternalblue exploit) or they would abuse legitimate tools to spread the payload. The abuse of legitimate tools can be very hard to detect as in most cases since the activity is done in such a manner that it mimics legitimate user behavior. Therefore, it’s very difficult to differentiate if the entire activity is malicious or not without proper context. For example, consider an attacker gaining access to the server that you use to distribute software in your organization. They can use this same tool to distribute the malware as well. A few methods of detecting and preventing lateral movement would be to properly segment user privileges, make sure all your devices have UpToDate security patches, your network is properly segmented and firewalled (a common thing we see is that although you tend to protect your network from the external entities, you rarely practice segmentation internally. Hence, when a network gets compromised, it is easy for the attacker to travel within your network), monitor suspicious usage of privileged accounts and limit what privileged accounts could do in your network.

The next step of the attack would be to make themselves Persistent in your environment. Many attackers put in a lot of effort to gain access to your network and the effort is mostly proportional to the amount of security you maintain on the network. Once this is done, the attacker would hate to lose access via a reboot or change of credentials or other interruptions. Hence, they deploy methods such as using the group policy feature of windows environments, registering as a service, creating scheduled tasks, and creating new accounts to make sure they will not lose their control abruptly. A few methods of detecting and preventing such attempts would be to limit what actions user accounts can perform, monitoring suspicious user creations (e.g. users created during off hours) and monitoring group policy or other services related changes.

Before moving to the final stage of the attack, attackers may opt to steal your data – Data Theft. This isn’t a very common move, but we have witnessed some instances. If attackers sense that your data would have a substantial black-market value or that your brand image would be gravely damaged by certain information becoming public, then they would decide to exfiltrate your data. A common method of stealing data could be uploading the files to a file share site (it’s very common for administrators to allow file sharing sites to make their day-to-day work easy but keep in mind attackers too could exploit these same paths). The methods of preventing or minimizing such data loss would be to implement Rights Management Systems (this will help you to make sure that even if the data is exfiltrated the attacker cannot use it), implementing Data Loss Prevention Systems (will detect/prevent when data is been exfiltrated) and block file sharing sites that aren’t needed for work-related matters.

The final step of the attack would be Payload Detonation. Unfortunately, it’s at this stage most organizations learn that they have been attacked, and by the time the initial panic phase has passed, a lot of damage might have been done already.

There are two types of payloads that we have come across – Cryptominer and Ransomware. Cryptominers do not exhibit any visible damages on your machines and would rather utilize your resources such as CPU and RAM to perform crypto currency mining. In such a situation, you will notice heating up, slow performance, huge bills for your cloud consumption, and abrupt crashing of your devices.

Ransomware is the more devastating type of payloads we see. It will start encrypting the commonly used file types, such as documents, videos and photos, and at the end, it will display a note stating what the attackers have done, laying out their demands, what will happen if you do not comply, and in case you want to comply how the money should be transferred. Attackers use crypto currency as the medium of paying ransoms as this method is more difficult or impossible to trace. Once the ransomware is detonated, it could effectively bring down your entire IT infrastructure. It could encrypt the end user devices as well as the servers that host your critical systems, such as application servers, database servers and email servers. In case the attacker has stolen your data, this is the stage where they will communicate to you about the ransom you need to pay to prevent the data from being released to the Internet. They would even go ahead and share a sample of the stolen data to make sure you know they’re serious.

Reputational Damage Is Far Worse Than Data Leaks

Many organizations do not opt to pay (or cannot afford to pay to recover everything that has been encrypted). Hence, they resort to restoring their systems from scratch, which takes a lot of time and effort. This, in turn, results in massive delays before the organization can get back online to serve their customers. Although the most visible damage of these attacks is done to the IT infrastructure, the biggest, unforeseen damages are to the brand identities of these organizations. News travels fast and bad news will travel even faster. No organization will ever want their names associated with such an event, and any negative media coverage and reputational damage could be made far worse by releasing your confidential data to the public domain.

A pertinent question customers ask during the final stage of an attack is “Why can’t my signature-based antivirus software detect this malicious file (payload)?” The answer is that in many scenarios, attackers change the signature (hash) of the payload before using it during the attack. Many legacy antivirus software solely depend on signature updates, and if the signature isn’t in the database, it is very easy for the attacker to bypass the antivirus tool.

Quick Detection, Quick Response and Strong Recovery Plan

Many organizations take a long time to detect such attacks. And when they do, it is sadly at the final stage of an attack. One main reason for this is that most customers utilize legacy detection mechanisms that have a very narrow visibility instead of adopting more current detection mechanisms which have a broader, in-depth view of the environment.

Based on our recent experiences and observations, many organizations take a long time to get their critical business services up and running or in other words, they take considerable amount of time to execute their business continuity plan (BCP). Moreover, although many organizations have satisfactory BCPs and DRPs (Disaster Recovery Plan) in place, almost all of them are rendered little or no use to safeguard from these attacks. Most of these plans have been formulated to protect organizations against events such as natural disasters, power failures, terrorist threats, assuming the backups will be available to start their recovery. Attackers generally know this and will start by targeting the backup systems as the initial attack points before moving toward other critical assets. This way the attackers know they can force the victim to pay up since they have no other means of recovering.

Another interesting fact about these attacks is that most of the activities happen either during early hours or during holidays. The main reason is that attackers try to leverage human weaknesses (even security operations centers are less alert during these times) to their advantage.

In summary, based on our observations, we can no longer consider Sri Lanka as a country with a very slim chance of being attacked. And these attackers seem to always find enough ways to circumvent defenses employed by most organizations and continue undetected till the very last stage. Many organizations need to rethink and plan their BCPs and DRPs to safeguard from ransomware attacks.

In the past, organizations believed in the concept of “Survival of the Strongest,” i.e. if you keep increasing your defenses, you can prevent any cyber-attack. But now, we believe organizations need to equally focus on the concept of “Survival of the Fastest,” which means it is inevitable that your organization will be targeted by an attacker sooner or later, and when that time comes, what matters is how fast you can detect, contain and recover. In other words, the speed at which you react to contain and recover from such an attack will define how your organization will withstand such an event.

Rukmal Fernando
Associate Director – Cyber Security
MillenniumIT ESP

MillenniumIT ESP: Your Complete Enterprise Solutions Provider

MillenniumIT ESP: Your Complete Enterprise Solutions Provider

MillenniumIT ESP (MIT ESP) turned 25 in January this year. Having joined the company just a few months prior as CEO, I had the opportunity to reflect on the company’s journey over the past two and a half decades along with the team. It was an inspirational and insightful exercise that highlighted the work done so far in terms of achievements by the MIT ESP team and what it was capable of doing in the future as well. Many transformational, turnkey technology projects had been successfully executed and delivered, changing not only the business landscape of our customers but also, in some instances, positively impacting the technology landscape in Sri Lanka. Over 500 customers across all industry sectors have seen MIT ESP in action through the delivery of an estimated 2,000+ projects, both locally and internationally. The trust and confidence gained has resulted in many customers continuing to work with us, some even for as long as 25 years!

The core that has held everything together to make this happen has been the 1,000+ people who have walked the floors of MIT ESP at some point in their careers. The company currently employs 400+ people with more than 60 people who have served for more than 10 years, and nearly 10 of them for more than 20 years. This is a valuable amount of experience retained in the company, mostly attributed to the culture and environment that the team has cherished and nurtured for decades. This also means that the current team possesses an incredible amount of knowledge and experience gathered from successful projects as well as important lessons from the challenging ones.

MIT ESP is widely known as one of the oldest, largest and premier Systems Integrators in Sri Lanka. However, over the years, with the accumulation of knowledge, skills and experience gained, the company now goes far beyond that of a typical Systems Integrator. This evolution prompted us to take a step back and consider how we Reimagine and Reinvent ourselves, staying true to our tagline which has done just that for our customers for years. We spent several months as a team brainstorming on what we are good at, the knowledge and skills we want to build to be competitive in the future and what is needed for us to be competitive globally as well. Bringing it all together, we felt that we needed to refresh our positioning from being a ‘Systems Integrator’ to a ‘Complete Enterprise Solutions Provider.’ In order to effectively deliver on this positioning, we have repackaged our business and restructured ourselves to ensure we focus on the relevant technologies that make us a Complete Enterprise Solutions Provider.

Expertise in Core Infrastructure has been the mainstay of the company through the experience gained as a Systems Integrator. Our Core Infrastructure unit will continue to ensure our customers are provided with optimum infrastructure solutions at optimal cost and will deliver, deploy and support everything to do with compute, networks, storage, data centers, database, middleware, etc.

We believe all enterprises have an imminent journey to the Cloud and at least a part of their technology solutions will have a heavy reliance on cloud technologies in the future. Our Cloud focus will help customers with their Cloud infrastructure, assessment and migration to the Cloud, integration with Cloud technologies and Cloud providers, and help with managing overall Cloud operations.

Cyber Security is now a key consideration regardless of the nature and extent of the IT footprint of any enterprise. Cybercrime is at its peak with remote technology interactions increasingly taking place and hackers who are continuously scouting for vulnerabilities and opportunities looking to capitalize on ransomware. Our Cyber Security expertise will support enterprises by providing consulting on security architecture, vulnerability assessments and compliance, and also providing solutions that secure endpoints, networks, applications data, etc. Managed security operations also take away the burden and overhead from enterprises of having to continuously monitor and protect their technology operations.

Enterprises are increasingly relying on applications to automate their business operations, reduce rework, increase accuracy, and improve collaboration. Our Enterprise Application focus will take a Cloud First approach to provide enterprises with the optimum technology to achieve these objectives and also provide support to manage and maintain internal applications. We also offer specialized expertise in Banking Technology, including core banking, treasury and other financial technology solutions that have been deployed and supported across many financial institutions over the years.

Capabilities in making technology intelligent has matured significantly making it very much a part of optimizing overall technology solutions. Our Intelligent Automation and Data unit focuses on providing solutions based on Robotic Process Automation (RPA), Artificial Intelligence, Machine Learning, etc. to improve overall productivity and efficiency. We combine our approach to automation with our expertise in IoT and sensors and Data to create a powerful proposition of optimizing enterprise data architecture, correlating data across systems, enabling intelligent automation of workflows, and providing better insights that ensure enterprises are enabled for data-driven decision making.

Technology has had a significant impact on new constructions where buildings, offices and cities are increasingly becoming ‘Smart’. Our focus on Smart Buildings is geared towards setting up the technology infrastructure required to make buildings smart, including structured cabling, access points, telephony, and other sensor-based components. Our expertise also extends into providing building management solutions, parking management, security and surveillance, and other technologies that optimize building operations.

Managed Services bring it all together where our fully fledged Network Operations Center (NOC) and Security Operations Center (SOC) are able to take away operational overhead of managing applications, storage, databases, security, networks or even entire IT operations based on industry best practices and standards while also providing significant cost savings. This is a proven capability with state-of-the-art facilities that remotely manage IT for many global customers.

In order to provide the above capabilities, we continue to leverage our long-standing partnerships with industry leading technology providers – a pool that has now grown to nearly a hundred. Some of the partnerships extend over two decades and have given us the opportunity to elevate our expertise and status to a level second to none in the region, resulting in the capability to deliver best-in-class solutions to our customers. We also combine this with a Customer Success based approach to delivery where we deploy an engagement model that brings in learnings from 25 years of delivering large, complex projects in order to ensure on-time delivery, quality, customer satisfaction, and commercial assurance.

As CEO of MIT ESP, I take this opportunity to thank all customers, partners and our own team for what the company has achieved over the last two and a half decades. We now look forward to supporting our customers in bigger and better ways as a Complete Enterprise Solutions Provider!

Shevan Goonetilleke
MillenniumIT ESP

Working from Home: Tips & Bytes

Working from Home: Tips & Bytes

If correctly done, you can be more productive and focused. Some tips based on my experience as I have done this quite often over the last 10-15 years during my short work from home overseas stints…

Daily work routine
  1. Mindset – It is important that you place yourself in a work mindset than a lazy holiday mindset. Wake up in the morning on the same basis as you would be doing on a normal office day and get on with the routine, only difference is that you have additional time due to no travelling requirement. You can use this time either to sleep or do your personal work. I do the latter as that way when things are back to normal your biological clock is ready.
  2. Have a separate place/table for your computer/devices and books. That helps focus and be in that mindset. Your children could do the same.
  3. Attire helps. If you are with the PJ’s, the mindset will not change. Wash and change clothes (not office attire but fresh casuals), thus you are ready to kick off.
  4. Take water breaks and tea breaks but work on a table at least for a couple of hours at a time.
  5. Remember, the concept is that you have only changed the physical working location.Work has not changed nor should your attitude towards work change. You are expected to be fully available during working hours.
Other activities – (Social/Casual)

If you have extra time at home, latch onto something interesting. Make sure your children do the same. There are hundreds you can select from but make them useful as much as possible. Time is money. Here are some options from my own personal experience:

  1. Enroll with web-based education. ‘Udemy’ is an example. Take a small course on whatever you like. It can be even a new language or playing an instrument or meditating. These are not very expensive.
  2. Complete that personal note/journal that you always wanted to do.
  3. Make that picture album from existing pictures in your hard drive.
  4. Clean up your inbox, which otherwise usually is cluttered.
  5. One-hour home lessons on ‘values’ for kids. We hardly spend time on this.
  6. Decluttering techniques for home and office.
  1. Sleeping throughout the day or more than required.
  2. Online videos/films and games.
  3. Minimise social media. This could be a killer.
  4. Minimise travel these days. Practice social distancing for greater good of mankind.
Have fun and work smart!
Murali Prakash
Group Managing Director/CEO
Ambeon Group

In Search of Sri Lankan Unicorns

In Search of Sri Lankan Unicorns

Here’s a Billion Dollar question!

Who is going to be the first Sri Lankan Unicorn? The first Sri Lankan startup with a billion-dollar valuation?

How many Unicorns can Sri Lanka produce in the next five years?

Merely asking that question changed my perception, from an “If” to a “Who” and a matter of time.

In the last five years, twenty more countries have joined the Unicorn Club. These include countries such as Indonesia, Colombia, Philippines, Estonia & even tiny countries like Malta.

Our next-door neighbour, India now has 19 unicorns with 5 more awaiting to be added to the list within the year 2019. By the end of this year, India will dislodge United Kingdom to claim the third spot in this prestigious club.

So, “Why not Sri Lanka?”

“Are we not a nation rich in intellectual capital?”

“Are we not a nation rich in creative capital?”

“We are the island of ingenuity!”

“We should be on that list!”

To understand the current context better, let’s look at some trends!

There is a proliferation of Unicorns around the world. Unicorn population is growing, and their birth rate is increasing.

In 2011 only 4 companies attained Unicorn status, but in 2018, 79 Unicorns were born. By Q3 of 2019, 76 companies have attained unicorn status. It is expected to cross 90 by the end of 2019

Unicorns are getting younger! Their average age has reduced from 40 months in 2011 to 20 months by 2018.

What is fueling this rapid proliferation and acceleration?

What is happening around us?

Are we actually in the midst of a revolution, the 4th Industrial Revolution?

In my view, it’s a little too early to be 100% certain. Usually, a revolution becomes a revolution when the revolution is over, when we see irreversible changes in the social, political and economic fabric around us.

But there are glimpses of credible evidence leading us think that we most probably are. Here’s why!

Any revolution, be it industrial or otherwise, has three key elements.

The disruptors that can challenge the status quo;

The ideology that draws masses into subscription;

And finally, the outcomes that change the social, political and economic fabric around us, permanently.

Currently, we clearly see three waves of disruptions!

The wave of Analytics which started around 2010, has already peaked.

The second wave, Augmentics is rising and it will crest within the next decade. Augmentics are technologies that enhance human capabilities; such as Computer Vision, Natural Language Processing, AI and Brain-Computer-Interface.

The third wave of Autonomics is just emerging. Autonomics are technologies that make machines self-sustaining, self-governing; Self-driving cars are just the start.

We envisage these disruptions to take place over the next 25 to 30 years.

If we are convinced that we are amidst a revolution, here’s another intriguing question!

“What are we revolting against, and Why?”

This leads us to the ideology which is fueling the revolution.

The past industrial revolutions, among many other ideologies, had one in common. This is the utopian ideology of liberating humans from labour; work less and live more.

liberating humans from both physical and mental labour is an underlying ideology of the fourth revolution as well. But this time around we see three libertarian ideologies taking over and spreading across the world.

For libertarians of the world, concentration of economic, political and military power are the sources of all evil.

They foresee a just and equitable world through decentralization.

Our value chains are infested with intermediaries, taking the lions share out of them, which fuels the call for dis-intermediation.

The ideology of true democratization is gaining momentum around the world to give choice back to everyone in everything we do.

The long-term outcomes of the 4th industrial revolution are too early to predict, but we can see three key aspects of our lives are changing; Work, Wealth and Wellness.

Work will change drastically in the future, not only the type of work humans will do, but also how much work humans will do.

We see countries and companies trialing out 32-hour work weeks at present.

But, 30-hour work weeks will be the norm of the future, across the globe.

The wealth of the world is changing. This is mainly due to fact that the assets that we leverage to create wealth are changing.

We see three new asset classes emerging; Data & Insights, Community & Influence and Collective Intelligence.

All exponential growth companies leverage at least one class of these assets, even at present.

Finally, the very meaning of wellness is changing. Advances in healthcare, new thinking in welfare, leisure redefined by digital experiences, convenience brought to us by technology are elevating our quality of life.

Everything we discussed so far present us with both challenges and opportunities. The opportunities are immense as these are the times the status-quo is challenged.

These are the times the rules are broken, and the new ones are re-written.

These are the times an unfair advantage awaits the bold.

These are the times countries like Sri Lanka can gain that unfair advantage.

Isn’t this the most opportune time in our lifetime to put Sri Lanka back on the world map?

So, how do we capitalize on these transformations and disruptions?

We don’t have a crystal ball to see the future, but we should be ready to capitalize on any challenge thrown at us.

We need to be agile to respond to the rapid changes in technology, markets, consumer behavior and everything else around us.

We need to be creative to find answers to humanity’s toughest problems.

Here’s why we at MillenniumIT ESP are transforming ourselves to be an Agile Creator!

So, how can we be a part of this exciting journey?

At present a vibrant startup Eco-system is emerging in Sri Lanka. A lot of companies, industry bodies and angel investors have come to fore to create this.

But we see a considerable void; lack of adequate support for startups beyond seed stage.

We want to join hands with the existing incubators, accelerators and angel investors to elevate Sri Lankan startups to the next level.

Our proposition is not only to provide next level of funding but also to provide market access and technology.

Over the last 25 years MillenniumIT ESP has built credible relationships and robust channels in many markets. We want to partner with you to carry your products and co-sell.

We are also bringing Technology Providers, Knowledge creators and communities together to build skills and competencies in technologies of the future, such as Machine Learning, Data Science, Cognitive computing and IOT. We want to partner with you for technology to co-build your products.

We invite everyone to join hands to co-build, co-sell and co-own and elevate Sri Lankan startups to the global scale.

Now, let’s ask ourselves that Billion Dollar question again!

Who is going to be the first Sri Lankan Unicorn?

It is us!

It’s here!

And the time, is now!

Here’s to us, the future unicorns!

Rahal Jayawardene
Head of Technology Alliances and Innovation
MillenniumIT ESP

Visioning Technology

Visioning Technology

  • Beyond Competitive Advantage…

Our operating philosophy, born out of our two decade-long experience as a technology leader, is that technology is not just a tool to craft competitive advantage. The true potential of technology lies in its power to deliver growth through the discovery of new value.  We are a relentless catalyst of industry ambition to invent solutions to economic, industrial, and social challenges.

Our philosophy underlies our conduct as an industry leader.  We do not see industry leadership as an entitlement or a privilege. We shoulder many obligations: championing socially responsible technology, upholding the social license to operate, setting new industry standards, nurturing industry players, creating a conducive industry fabric, and leveraging technology as a source of sustained shared values.

Our birth as MillenniumIT ESP was marked by the bold move to create an indigenous technology for Colombo Stock Exchange (CSE). The automation of CSE was an inspiring hallmark in the Sri Lankan technology landscape and contemporary economy that provided growth impetus to the then fledging equity market of Sri Lanka.

The exchange-technology business of MillenniumIT ESP rapidly grew to become a global player and a part of the London Stock Exchange Group.

MillenniumIT ESP’s intention to bring best-of-breed enterprise technology solutions to Sri Lanka through our entity started as the “Enterprise Solutions” (ESP) division. We, over a period of two decades and in partnership with leading global players, have grown to become the leader in enterprise technology.

Today, we provide a broad spectrum of mission-critical solutions in a wide variety of domains: telecommunication, media and entertainment, logistics and shipping, financial services, export manufacturing, and citizen services.

We have been building momentum to transformative adoption of technology by leading blue-chip companies. Among our customers are some of Sri Lanka’s leading corporates from industries such as Banking and Finance, Telecommunications, Manufacturing and Leisure.

We are enabling our customers to; integrate with the global supply chain and successfully compete in the global economy, create competitive value propositions and deliver seamless multi-touchpoint customer experiences, advance financial inclusion, build defense capabilities against cyber threats of all forms, optimise human productivity through cognitive computing.

Underlying our successes in delivering value to our customers is the symbiosis we have built with globally leading tech powerhouses. Today we are a preferred partner of IBM, Microsoft, ORACLE, CISCO, and Infosys in the region. The accolades and awards our partners have bequeathed us are a testament to the trust and admiration we have earned.

As a part of Ambeon, an industrial and financial conglomerate with a global footprint, we are even more vigorous in preparing our customers to face future challenges through enterprise technology.

Uncertainty, volatility, and disruption are hallmarks of technology. Thus, attempting to predict the future could be futile. Through adaptive strategy and by being agile, we are ready to shape the future in the most productive, and socially and environmentally responsible manner.

Visioning technology to reimagine and reinvent the business model and architecture of our customers, amidst growing uncertainties, will continue to be our core purpose.

Murali Prakash
Group Managing Director/CEO
Ambeon Group

Save Humans From Becoming Robots

Save Humans From Becoming Robots

  • Leading Edge AI Driven Software Bots!

Service delivery flaws in “people operations” potentially impact productivity and weaken the employee experience, resulting in alienation.

On the other hand, functions such as call centres and help desks are fulfilled by people. They are generally locked-in repetitive physical tasks with minimal scope for job enrichment and career progress. Their work requires low cognitive capabilities.

“Repetitive work, such as answering calls to provide service information or copy-pasting digital documents, make people robots. Such tasks trap valuable human resources in low value adding operations,” Calvin Hindle of MillenniumIT ESP suggests. Calvin works on some of the new initiatives around emerging technologies such as cognitive computing, Machine Learning (ML), and Robotic Process Automation (RPA).

Elaborating on Calvin’s remarks, Danura Hewa Lunuwilage observes, “We, MillenniumIT ESP, are at the forefront of building next generation Artificial Intelligence (AI) driven software bots to free up human capital from low-value tasks to focus on higher-value tasks.” Danura is the Senior Consultant – RPA at Millennium IT ESP.

Apart from freeing talent from repetitive tasks, cognitive conversational solutions such as AI chat bots created by MillenniumIT ESP have impelled immense efficiency, increased positivity in customer experience, and streamlined business processes while reducing cost.

From the user standpoint, software bots deliver an easily accessible, faster, and more satisfying experience, which is always on, accurate, and secure compared to manual operations.

Unlike a human interface, software bots seamlessly gather highly accurate data on user behaviour.  The insights extracted from such data enable enterprises to improve user experience by closing service gaps.

The recently won “Virtual RPA Hackathon 2019” award, organised by the Sri Lanka Association of Software and Services Companies (SLASSCOM) is a testament to MillenniumIT ESP’s mastery in leveraging advanced computing. For the Hackathon, MillenniumIT ESP submitted a case study on an ‘Artwork Download Solution’ project the company had undertaken as part of a Proof of Concept implementation for a client.

The core business area of the client depends on the shared artworks, and any delay, mismatch, or miss-out meant losing business. As such, it is vital to find a reliable RPA solution that avoids human errors and standardises the artwork download process.  The solution MillenniumIT ESP built, Dbot: Download, Process, Report automates large file downloads for enterprises.

Calvin says, “The adoption of AI is still in its early stages in Sri Lanka, but we are witnessing a massive shift in the industry where almost all enterprise software applications are transforming to data driven or AI-driven. Previously, you would have to tell the software what to do, but now the software applications learn from historical data and tell the businesses what to do and would even provide unforeseen insights.”

MillenniumIT ESP Team