The criminals have simply packed up and moved.
As regional crackdowns in Cambodia and Myanmar have tightened their grip on cybercrime networks, those networks have not dissolved — they have migrated. Sri Lanka, with its welcoming visa policies and reliable digital infrastructure, has become the latest address for operations that prey on victims across continents. The island's arrest figures — more than 1,000 foreign nationals in just the first five months of 2026, compared to 430 in all of 2024 — reveal not a new crime wave but an old one finding new shelter. It is a reminder that enforcement without regional coordination does not end criminal enterprise; it merely redirects it.
- Sri Lanka's cybercrime arrests have more than doubled in five months what the entire previous year produced, signaling that criminal relocation is accelerating, not trickling.
- Scam networks uprooted by crackdowns in Cambodia and Myanmar are reconstituting themselves on the island, personnel and infrastructure largely intact, only the address has changed.
- Sri Lanka's relaxed visa regime and high-speed internet — assets built for tourism and commerce — have become unintended gifts to transnational fraud operations.
- Regional authorities are caught in a displacement loop: each successful crackdown exports the problem rather than extinguishing it, rewarding jurisdictions that have not yet hardened their defenses.
- The speed of the networks' re-establishment in Sri Lanka exposes a gap between the sophistication of the criminals and the current coordination capacity of island law enforcement.
Sri Lanka is confronting a sudden and sharp surge in cybercrime activity, one that police spokesman Fredrick Wootler has framed in numbers difficult to ignore: more than 1,000 foreign nationals — predominantly from China, Vietnam, and India — arrested since January of this year alone. In all of 2024, that figure was 430. The year before, smaller still. What has not changed is the nature of the crime. What has changed is where it is being committed.
The explanation lies upstream. Cambodia and Myanmar, long home to sprawling scam operations, have mounted serious enforcement campaigns in recent years. Those campaigns have worked — within their own borders. But the networks they disrupted did not disband. They relocated, and Sri Lanka offered what any criminal enterprise requires: easy entry and a reliable connection. The island's visa policies are among the most permissive in the region, and its internet infrastructure is robust enough to support fraud operations targeting victims across multiple continents.
The result is a displacement rather than a defeat. The same personnel, the same organizational structures, the same methods — now operating from a new jurisdiction. The acceleration of arrests in Sri Lanka suggests the move has been anything but gradual; these networks have re-established themselves with speed that reflects both their sophistication and the island's current enforcement gaps.
For the region as a whole, the pattern poses a harder question than any single crackdown can answer. Enforcement succeeds locally but exports the problem globally, rewarding whichever jurisdiction has not yet raised its defenses. Until the underlying profit incentive is addressed and regional coordination catches up with the mobility of the networks themselves, the game of displacement is likely to continue — with the next destination already being scouted.
Sri Lanka is experiencing a sudden surge in cybercrime arrests that has caught the attention of law enforcement across the region. Since January of this year, police have taken into custody more than 1,000 foreign nationals suspected of involvement in online scams and related crimes. The majority of those arrested come from China, Vietnam, and India, according to Fredrick Wootler, a spokesman for Sri Lankan police. The numbers tell a stark story: in all of 2024, authorities arrested 430 foreign nationals on cybercrime charges. The year before that, the figure was even smaller. What has changed is not the nature of the crime but its geography.
The shift reflects a pattern playing out across South and Southeast Asia. Countries like Cambodia and Myanmar have launched aggressive crackdowns on scam operations, dismantling networks that had operated with relative impunity for years. Those enforcement efforts have borne fruit in their home territories, but they have also had an unintended consequence: the criminals have simply packed up and moved. Sri Lanka, an island nation off the coast of India, has emerged as their destination of choice.
The reasons are straightforward and practical. Sri Lanka's visa policies are notably relaxed compared to its neighbors, making it easier for foreign nationals to enter and establish themselves without drawing excessive scrutiny. The country also offers something essential to any modern criminal enterprise: reliable, high-speed internet infrastructure. For scammers operating across borders, targeting victims in multiple countries, a stable connection is not a luxury but a necessity. The combination of easy entry and technical capability has made the island an attractive operational base.
What authorities are witnessing is not a reduction in cybercrime but a displacement of it. The networks themselves remain intact. The personnel remain largely the same. What has changed is the address from which they conduct their business. In Cambodia and Myanmar, police raids and arrests have made the environment hostile enough that operators have decided the risk is no longer worth taking. Sri Lanka, by contrast, presents an opportunity: a place where they can work with less immediate threat of interference.
The scale of the shift is remarkable. The jump from 430 arrests in 2024 to more than 1,000 in just the first five months of 2026 suggests that the relocation is not gradual but accelerating. Each new arrest represents not just an individual criminal but often a connection to a larger network, a piece of infrastructure, a node in a system designed to defraud people across continents. The speed at which these operations have established themselves in Sri Lanka indicates both the sophistication of the networks and the vulnerability of the island's current enforcement capacity.
For regional authorities, the situation presents a difficult puzzle. Crackdowns work, in the sense that they disrupt operations and remove criminals from the street. But they do not eliminate the underlying incentive structure that makes cybercrime attractive in the first place. As long as the potential profit exceeds the perceived risk, operators will continue to relocate, seeking jurisdictions where enforcement is weaker or less coordinated. Sri Lanka's current predicament is the direct result of success elsewhere—success that has simply pushed the problem across borders rather than solving it.
Notable Quotes
More than 1,000 foreign nationals arrested since the start of the year for alleged involvement in cybercrime, mainly from China, Vietnam and India— Fredrick Wootler, Sri Lankan police spokesman
The Hearth Conversation Another angle on the story
Why is Sri Lanka suddenly so attractive to these networks? It seems like there must be something specific that changed.
The timing matters. Cambodia and Myanmar got serious about enforcement, which made those places genuinely dangerous for operators. Sri Lanka didn't have that pressure yet. But it's not just the absence of crackdowns—it's what the island actively offers. The visa system lets people in without a lot of documentation or delay. And the internet is genuinely good, which you need if you're running a scam operation that spans multiple countries.
So it's not that Sri Lanka is corrupt or complicit. It's just that it hasn't been forced to pay attention yet.
Exactly. There's no conspiracy here. It's just the path of least resistance. A criminal network operates on simple math: risk versus reward. When the risk in one place becomes too high, they move to where it's lower. Sri Lanka had the infrastructure they needed and the regulatory environment that didn't yet see them as a priority.
The numbers jumped dramatically—from 430 arrests in all of 2024 to over 1,000 in five months. Does that mean the problem is actually getting worse, or just that police are finally catching up?
Probably both. The arrests suggest police are waking up to what's happening. But the speed of the increase also suggests the networks moved in fast and in large numbers. When you see that kind of jump, it usually means a real influx, not just better detection.
What happens next? Do other countries crack down on Sri Lanka, and then the networks just move again?
That's the trap everyone's worried about. You can push the problem around, but you don't solve it. Unless there's regional coordination—countries sharing intelligence, coordinating enforcement—you just end up playing whack-a-mole. The networks are mobile. The infrastructure is portable. The people are willing to relocate. The only thing that actually stops them is making it genuinely hard everywhere at once.