      The Moment of Reckoning? Inside Sri Lanka’s LK Domain Registry Breach

      Asela Waidyalankara
      February 10, 2021

      On a quiet post-independence Saturday morning, while sipping a warm cup of morning coffee to get my morning bearings, I received an urgent message. It was from renowned researcher and academic Sanjana Hattotuwa. Although it sounded cryptic at first due to a lack of caffeine, the sheer gravity of what had happened soon dawned. What followed next was a hectic few hours trying to decode and understand one of the most unprecedented security breaches in Sri Lankan cybersecurity history.


      Understanding the critical role of the LK Domain Registry

      A bedrock for Sri Lankan industry, the LK Domain Registry remains the country’s top-level domain registry for .lk domains

      Before we dive in, let’s gain a quick understanding of the LK Domain Registry. The LK Domain Registry is the registry for .lk domains, .lk being Sri Lanka’s recognized country code top-level domain. Other country code top-level domains include .eu for the European Union and .au for Australia; a full list of country code top-level domains can be viewed here. Conceptualized by Internet Hall of Famer Prof. Gihan Dias, the LK Domain Registry is an independent non-profit organization that has operated since 1990 and is based at the University of Moratuwa.

      In their own words, they have for decades enabled Sri Lankan enterprises and businesses to display their Sri Lankan heritage online with pride:

      “…individuals, businesses, religious bodies and non-profit organizations have adopted .lk web addresses to make their mark on the internet. .LK enables both companies registered in Sri Lanka as well as the international firms, who do not have a local presence, to register their domains in .lk. For companies with operations in Sri Lanka, a .lk address inspires consumer confidence and encourages people to “buy Sri Lankan.” The LK Domain Registry offers excellent opportunities for businesses to get the addresses they need.” 

      Thus the LK Domain Registry is a bedrock for Sri Lankan enterprises, banks, telcos, SMEs and, most importantly, Government (including the latest digital contact tracing app, Stay Safe). Therefore, even a minor breach at this level would throw serious doubt on the integrity of Sri Lanka’s digital infrastructure.

      What happened to the .lk domains? 

      Innocent as it may seem to the uninitiated, on the morning of 6th February all traffic leading to Google.lk was redirected to a “propaganda” page, one inspired by hacktivists bringing attention to their cause. This type of occurrence is known as a malicious redirect. Very soon the Sri Lankan Twitter-sphere activated and alerted everyone to this anomaly.

      Reports suggest https://t.co/ZcqTtzH7aV country-level domain is being redirected on @dialoglk's 4G network, for some. Incident first told to me by @AzzamAmeen. Video by friend who is Dialog subscriber. At present impacting some users, not all. #SriLanka #Cybersecurity #Google pic.twitter.com/8Vvoto3awc

      — Dr. Sanjana Hattotuwa (@sanjanah) February 6, 2021

      In what appears to be a major domain level hijack #lka traffic of https://t.co/NhdcAPjSWn seems to be redirected to a propaganda page. Feedback received is it's a clustered issue, #SLCERT is aware of the redirect & coordinating with relevant stakeholders. #CybersecurityLK https://t.co/Y3qvvrDy7P

      — Asela Waidyalankara (@aselawaid) February 6, 2021

      Users in #SriLanka hv complained that https://t.co/bFifSYuMZa domain is being redirected to a site which highlights issues faced by teaworkers in #lka. Expert @aselawaid tweeted this appears to be a major domain level hijack which seems to be redirected to a propaganda page.

      — Jamila Husain (@Jamz5251) February 6, 2021

      Soon after, official notices came from the TRCSL, SLCERT and the LK Domain Registry:

      Official notice from the TRCSL

      Official notice from the LK Domain Registry

      Around 8:30 AM the initial Google.lk redirect was corrected; however, the official position was that other LK domains were being investigated for breaches.

      Update: https://t.co/NhdcAPBukX malicious redirect issue seems to be resolved, however #SLCERT #TRCSL & other stakeholders investigating if other related LK Domains (including Govt) are affected. General public is requested to inform https://t.co/he1Ko1lfIe or call 0114216061

      — Asela Waidyalankara (@aselawaid) February 6, 2021

      Subsequent investigations I conducted within the cybersecurity fraternity revealed that the initial breach was detected earlier. Some government sites had been affected, which alerted authorities that something was amiss. This incident was separate from the publicly known Google Malicious Redirect.    

      Given the vacuum of information by official sources, cybersecurity professionals on Twitter like @dumindaxsb got to work trying to understand the severity of the breach. What he found startled him:

      In the source code, the hackers have apologized for it & signed it with a HEX string?? (I couldn't get to it yet). They also mention that they didn't steal or delete anything.

      Nice Matrix effect by the way! pic.twitter.com/pACjHvw1rH

      — Duminda Jayasena (@dumindaxsb) February 6, 2021

      The breach was carried out via an attack vector called DNS poisoning. In case you’re lost, imagine someone standing in front of your gate and then stealing a package that was supposed to be delivered to your home. You now have a basic understanding of what transpired. Legitimate traffic that was supposed to go to Google.lk was sent to another page that displayed a message. Some were enamoured with the content of the redirected message. Meanwhile, cybersecurity professionals were sounding the alarm over the potential ramifications of this breach.
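The reports quoted above say the redirect hit some users and not others, so a monitoring check has to compare answers from several resolvers rather than trust a single lookup. The following Python example is added here and is not from the article or the LK Domain Registry; the domain, name servers, resolver labels and addresses are all constructed, and the baseline format is an assumption.

```python
from ipaddress import ip_address, ip_network

# Constructed baseline for one monitored name (documentation ranges, not real .lk data).
BASELINE = {
    "portal.example.lk": {
        "ns": {"ns1.example.net", "ns2.example.net"},
        "nets": [ip_network("192.0.2.0/24")],
    },
}

# Constructed observations: what each resolver returned for the same name.
OBSERVED = {
    "isp-a-resolver": {"ns": ["ns1.example.net", "ns2.example.net"], "a": ["192.0.2.10"]},
    "isp-b-resolver": {"ns": ["ns1.rogue.example"], "a": ["203.0.113.66"]},
    "public-resolver": {"ns": ["NS2.example.net.", "ns1.example.net."], "a": ["192.0.2.11"]},
}


def normalise(host):
    """Lower-case a host name and drop the trailing root dot."""
    return host.rstrip(".").lower()


def check_name(name, observed, baseline=BASELINE):
    """Compare every resolver's answers with the baseline and summarise the drift."""
    expected = baseline[name]
    findings = {}
    for resolver, answer in observed.items():
        issues = []
        # A changed name-server set means the delegation itself differs.
        if {normalise(h) for h in answer["ns"]} != expected["ns"]:
            issues.append("ns-changed")
        # Any address outside the expected networks counts as a redirect.
        if any(not any(ip_address(a) in net for net in expected["nets"])
               for a in answer["a"]):
            issues.append("address-off-baseline")
        if issues:
            findings[resolver] = issues
    if not findings:
        verdict = "consistent"
    elif len(findings) == len(observed):
        verdict = "redirected-everywhere"
    else:
        verdict = "redirected-for-some-resolvers"
    return verdict, findings


if __name__ == "__main__":
    print(check_name("portal.example.lk", OBSERVED))
```

In practice the observations would come from scheduled lookups against each resolver, and any verdict other than "consistent" would raise an alert.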

      What happened next?

      During national reporting of the crisis, LK Domain Registry staff inadvertently exposed their administrator usernames and the length of their passwords

      The key custodian of the LK Domain Registry, Prof. Gihan Dias, has called for an investigation into the breach and for legal action to be taken against those involved. However, their own internal investigation found that no other domains were affected by this breach. While national reporting was ongoing, another potential faux pas was developing. Inadvertently, these reports showed LK Domain Registry staff exposing their backend administrator usernames and the length of their passwords on national television.

      The anatomy of the attack

      Update: Independent Investigations on LK Domain Registry Breach has found that Admin Username/Password credentials have been available on the #DarkWeb since 2012, these credentials were active till Sep 2020, & most likely the attack vector used by #hacktivists to gain entry.

      — Asela Waidyalankara (@aselawaid) February 9, 2021

      A deeper investigation has revealed further startling evidence. Although initially framed as a breach that occurred on 6th February, it can be exclusively shared that admin usernames and passwords were available on the criminal dark web as far back as 2012 and potentially even earlier. It’s likely the attackers purchased these credentials from cybercriminals and proceeded to conduct the attack on Independence Day. Hence, it presents enormous and grave national security implications for Sri Lanka’s digital infrastructure. This is independently verified by CSW, a US Department of Homeland Security sponsored Common Vulnerability Exposure (CVE) Certified Numbering Authority (CNA).

      What are the ramifications of this breach? 

      As I discussed previously, Sri Lanka’s cybersecurity setup leaves much to be desired. It’s evident that some of these shortcomings were exposed by the LK Domain Registry breach.

      An overseas expert I had the pleasure of interacting with gave a brilliant answer on the lukewarm response that cybersecurity investments at times get from national governments: “It’s simple, at the end of the day, you can’t put cybersecurity in a parade and show it to people.” In a crisis, you must overcommunicate. In a cybersecurity crisis of this nature, this assumes great significance given the national digital infrastructure involved. As we strive towards building a more digital Sri Lanka, how safe are our digital keys?

      Asela Waidyalankara

      Asela Waidyalankara has been a prominent personality in the sphere of cyber-security, with over a decade of experience in progressive technology and digital strategy. Garnering extensive qualifications in both the legal and technical arenas, Asela is a pioneer trailblazer and avant-garde in the Information Security marketplace.