ARTECULATE

      The Moment of Reckoning? Inside Sri Lanka’s LK Domain Registry Breach

      Asela Waidyalankara
      February 10, 2021

      On a quiet post-independence Saturday morning, while sipping a warm cup of morning coffee to get my morning bearings, I received an urgent message. It was from renowned researcher and academic Sanjana Hattotuwa. Although it sounded cryptic at first due to a lack of caffeine, the sheer gravity of what had happened soon dawned. What followed next was a hectic few hours trying to decode and understand one of the most unprecedented security breaches in Sri Lankan cybersecurity history.

      Understanding the critical role of the LK Domain Registry

      A bedrock for Sri Lankan industry, the LK Domain Registry remains the country’s top-level domain registry for .lk domains

      Before we dive in, let’s gain a quick understanding of the LK Domain Registry. It is the registry for .lk, Sri Lanka’s recognized country code top-level domain. Other country code top-level domains include .eu for the European Union and .au for Australia; a full list of country code top-level domains can be viewed here. Conceptualized by Internet Hall of Famer Prof. Gihan Dias, the LK Domain Registry is an independent non-profit organization that has operated since 1990 and is based at the University of Moratuwa.

      In their own words, they have for decades enabled Sri Lankan enterprises and businesses to display their Sri Lankan heritage online with pride:

      “…individuals, businesses, religious bodies and non-profit organizations have adopted .lk web addresses to make their mark on the internet. .LK enables both companies registered in Sri Lanka as well as the international firms, who do not have a local presence, to register their domains in .lk. For companies with operations in Sri Lanka, a .lk address inspires consumer confidence and encourages people to “buy Sri Lankan.” The LK Domain Registry offers excellent opportunities for businesses to get the addresses they need.” 

      Thus the LK Domain Registry is a bedrock for Sri Lankan enterprises, banks, telcos, SMEs and, most importantly, the Government (including the latest digital contact tracing app, Stay Safe). Therefore, even a minor breach at this level would cast serious doubt on the integrity of Sri Lanka’s digital infrastructure.

      What happened to the .lk domains? 

      Innocent as it may seem to the uninitiated, on the morning of 6th February all traffic leading to Google.lk was redirected to a “propaganda” page, one inspired by hacktivists bringing attention to their cause. This type of occurrence is known as a malicious redirect. Very soon the Sri Lankan Twitter-sphere was activated and alerted everyone to this anomaly.

      Reports suggest https://t.co/ZcqTtzH7aV country-level domain is being redirected on @dialoglk's 4G network, for some. Incident first told to me by @AzzamAmeen. Video by friend who is Dialog subscriber. At present impacting some users, not all. #SriLanka #Cybersecurity #Google pic.twitter.com/8Vvoto3awc

      — Sanjana Hattotuwa (@sanjanah) February 6, 2021

      In what appears to be a major domain level hijack #lka traffic of https://t.co/NhdcAPjSWn seems to be redirected to a propaganda page. Feedback received is it's a clustered issue, #SLCERT is aware of the redirect & coordinating with relevant stakeholders. #CybersecurityLK https://t.co/Y3qvvrDy7P

      — Asela Waidyalankara (@aselawaid) February 6, 2021

      Users in #SriLanka hv complained that https://t.co/bFifSYuMZa domain is being redirected to a site which highlights issues faced by teaworkers in #lka. Expert @aselawaid tweeted this appears to be a major domain level hijack which seems to be redirected to a propaganda page.

      — Jamila Husain (@Jamz5251) February 6, 2021

      Soon after, official notices came from the TRCSL, SLCERT and the .LK Domain Registry:

      Official notice from the TRCSL

      Official notice from the LK Domain Registry

      Around 8:30 AM the initial Google.lk redirect was corrected; however, the official position was that other LK domains were being investigated for breaches.

      Update: https://t.co/NhdcAPBukX malicious redirect issue seems to be resolved, however #SLCERT #TRCSL & other stakeholders investigating if other related LK Domains (including Govt) are affected. General public is requested to inform https://t.co/he1Ko1lfIe or call 0114216061

      — Asela Waidyalankara (@aselawaid) February 6, 2021

      Subsequent investigations I conducted within the cybersecurity fraternity revealed that the initial breach was detected earlier. Some government sites had been affected, which alerted authorities that something was amiss. This incident was separate from the publicly known Google Malicious Redirect.    

      Given the vacuum of information from official sources, cybersecurity professionals on Twitter like @dumindaxsb got to work trying to understand the severity of the breach. What he found startled him:

      In the source code, the hackers have apologized for it & signed it with a HEX string?? (I couldn't get to it yet). They also mention that they didn't steal or delete anything.

      Nice Matrix effect by the way! pic.twitter.com/pACjHvw1rH

      — Dumi (@dumindaxsb) February 6, 2021

      The breach was carried out via an attack vector called DNS poisoning. In case you’re lost, imagine someone standing in front of your gate and then stealing a package that was supposed to be delivered to your home. You now have a basic understanding of what transpired. Legitimate traffic that was supposed to go to Google.lk was sent to another page that displayed a message. Some were enamoured with the content of the redirected message. Meanwhile, cybersecurity professionals were sounding the alarm over the potential ramifications of this breach.
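
As an added illustration (not part of the original article), here is a defender's check for the kind of redirect described above, where only some users saw the wrong page: it parses DNS responses collected from several resolvers and flags any whose A records fall outside the address ranges the domain owner has pinned. The resolver labels, the name example.lk and all addresses are constructed placeholders.

```python
import ipaddress
import struct

def _skip_name(pkt, off):
    """Return the offset just past a (possibly compressed) DNS name."""
    while True:
        length = pkt[off]
        if length & 0xC0 == 0xC0:      # compression pointer: two bytes, ends the name
            return off + 2
        if length == 0:                # root label ends the name
            return off + 1
        off += 1 + length

def a_records(pkt):
    """Extract the IPv4 addresses from the answer section of a DNS response."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", pkt[:12])
    if not flags & 0x8000:
        raise ValueError("not a DNS response")
    off = 12
    for _ in range(qd):                # skip each question: name + QTYPE + QCLASS
        off = _skip_name(pkt, off) + 4
    addrs = []
    for _ in range(an):
        off = _skip_name(pkt, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A record, class IN
            addrs.append(ipaddress.IPv4Address(pkt[off:off + 4]))
        off += rdlen
    return addrs

def suspicious_resolvers(responses, allowed_nets):
    """Map each resolver to the answers that fall outside the pinned networks."""
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    flagged = {}
    for resolver, pkt in responses.items():
        bad = [str(a) for a in a_records(pkt) if not any(a in n for n in nets)]
        if bad:
            flagged[resolver] = bad
    return flagged

def _response(ip):
    """Constructed reply for the placeholder name example.lk with one A record."""
    head = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + b"\x07example\x02lk\x00\x00\x01\x00\x01"
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4)   # name = pointer to offset 12
    return head + rr + ipaddress.IPv4Address(ip).packed

# Constructed sample data: documentation address ranges, hypothetical resolver labels.
SAMPLE = {
    "isp-a-resolver": _response("192.0.2.10"),
    "isp-b-resolver": _response("203.0.113.66"),   # diverges from the pinned range
    "public-resolver": _response("192.0.2.11"),
}
PINNED = ["192.0.2.0/24"]
print(suspicious_resolvers(SAMPLE, PINNED))
```

A divergence seen through only one network's resolver, as in the sample, is the pattern worth escalating to the ISP and the registry.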

      What happened next?

      During national reporting of the crisis, LK Domain Registry staff inadvertently exposed their administrator usernames and the length of their passwords

      Key custodian of the LK Domain Registry, Prof. Gihan Dias, has called for an investigation into the breach and for legal action to be taken against those involved. However, their own internal investigation found that no other domains were affected by this breach. While national reporting was ongoing, another potential faux pas was developing. Inadvertently, these reports showed LK Domain Registry staff exposing their backend administrator usernames and the length of their passwords on national television.

      The anatomy of the attack

      Update: Independent Investigations on LK Domain Registry Breach has found that Admin Username/Password credentials have been available on the #DarkWeb since 2012, these credentials were active till Sep 2020, & most likely the attack vector used by #hacktivists to gain entry.

      — Asela Waidyalankara (@aselawaid) February 9, 2021

      A deeper investigation has revealed further startling evidence. Although initially framed as a breach that occurred on 6th February, it can be exclusively shared that Admin Usernames and Passwords were available on the Criminal Dark Web as far back as 2012 and potentially even earlier. It’s likely the attackers purchased these credentials from cybercriminals and proceeded to attack the target on Independence Day. Hence, it presents enormous and grave national security implications for Sri Lanka’s digital infrastructure. This is independently verified by CSW, a US Department of Homeland Security Sponsored Common Vulnerability Exposure (CVE) Certified Numbering Authority (CNA).

      What are the ramifications of this breach? 

      As I discussed previously, Sri Lanka’s cybersecurity setup leaves much to be desired. It’s evident that some of these shortcomings were exposed by the LK Domain Registry breach.

      An overseas expert I had the pleasure of interacting with gave a brilliant answer to the lukewarm response that cybersecurity investments at times get from national governments: “It’s simple, at the end of the day, you can’t put cybersecurity in a parade and show it to people.” In a crisis, you must overcommunicate. In a cybersecurity crisis of this nature, this assumes great significance given the national digital infrastructure involved. As we strive towards building a more Digital Sri Lanka, how safe are our Digital Keys?

      Asela Waidyalankara

      Asela Waidyalankara has been a prominent personality in the sphere of cyber-security, with over a decade of experience in progressive technology and digital strategy. Garnering extensive qualifications in both the legal and technical arenas, Asela is a pioneer trailblazer and avant-garde in the Information Security marketplace.

      © 2020 Arteculate™ All Rights Reserved.
