ARTECULATE
      The Moment of Reckoning? Inside Sri Lanka’s LK Domain Registry Breach

      Asela Waidyalankara
      February 10, 2021
      · 7 mins read

      On a quiet post-independence Saturday morning, while sipping a warm cup of morning coffee to get my morning bearings, I received an urgent message. It was from renowned researcher and academic Sanjana Hattotuwa. Although it sounded cryptic at first due to a lack of caffeine, the sheer gravity of what had happened soon dawned. What followed next was a hectic few hours trying to decode and understand one of the most unprecedented security breaches in Sri Lankan cybersecurity history.


      Understanding the critical role of the LK Domain Registry

      A bedrock for Sri Lankan industry, the LK Domain Registry remains the country’s top-level domain registry for .lk domains

      Before we dive in, let’s gain a quick understanding of the LK Domain Registry. It is the country code top-level domain registry for .lk, Sri Lanka’s recognized country code top-level domain. Other countries’ top-level domains include .eu for the European Union and .au for Australia; a full list of country code top-level domains can be viewed here. Conceptualized by Internet Hall of Famer Prof. Gihan Dias, the LK Domain Registry is an independent non-profit organization that has operated since 1990 and is based at the University of Moratuwa.

      In their own words, they have for decades enabled Sri Lankan enterprises and businesses to display their Sri Lankan heritage online with pride:

      “…individuals, businesses, religious bodies and non-profit organizations have adopted .lk web addresses to make their mark on the internet. .LK enables both companies registered in Sri Lanka as well as the international firms, who do not have a local presence, to register their domains in .lk. For companies with operations in Sri Lanka, a .lk address inspires consumer confidence and encourages people to “buy Sri Lankan.” The LK Domain Registry offers excellent opportunities for businesses to get the addresses they need.” 

      Thus the LK Domain Registry is a bedrock for Sri Lankan enterprises, banks, telcos, SMEs and, most importantly, the Government (including the latest digital contact tracing app, Stay Safe). Therefore, even a minor breach at this level would throw serious doubt on the integrity of Sri Lanka’s digital infrastructure.

      What happened to the .lk domains?

      Innocent as it may seem to the uninitiated, on the morning of 6th February all traffic leading to Google.lk was redirected to a “propaganda” page, one inspired by hacktivists bringing attention to their cause. This type of occurrence is known as a malicious redirect. Very soon the Sri Lankan Twitter-sphere activated and alerted everyone to this anomaly.

      Reports suggest https://t.co/ZcqTtzH7aV country-level domain is being redirected on @dialoglk's 4G network, for some. Incident first told to me by @AzzamAmeen. Video by friend who is Dialog subscriber. At present impacting some users, not all. #SriLanka #Cybersecurity #Google pic.twitter.com/8Vvoto3awc

      — Dr. Sanjana Hattotuwa (@sanjanah) February 6, 2021

      In what appears to be a major domain level hijack #lka traffic of https://t.co/NhdcAPjSWn seems to be redirected to a propaganda page. Feedback received is it's a clustered issue, #SLCERT is aware of the redirect & coordinating with relevant stakeholders. #CybersecurityLK https://t.co/Y3qvvrDy7P

      — Asela Waidyalankara (@aselawaid) February 6, 2021

      Users in #SriLanka hv complained that https://t.co/bFifSYuMZa domain is being redirected to a site which highlights issues faced by teaworkers in #lka. Expert @aselawaid tweeted this appears to be a major domain level hijack which seems to be redirected to a propaganda page.

      — Jamila Husain (@Jamz5251) February 6, 2021

      Soon after, official notices came from the TRCSL, SLCERT and the LK Domain Registry:

      Official notice from the TRCSL

      Official notice from the LK Domain Registry

      Around 8:30 AM the initial Google.lk redirect was corrected; however, the official position was that other LK domains were being investigated for breaches.

      Update: https://t.co/NhdcAPBukX malicious redirect issue seems to be resolved, however #SLCERT #TRCSL & other stakeholders investigating if other related LK Domains (including Govt) are affected. General public is requested to inform https://t.co/he1Ko1lfIe or call 0114216061

      — Asela Waidyalankara (@aselawaid) February 6, 2021

      Subsequent investigations I conducted within the cybersecurity fraternity revealed that the initial breach was detected earlier. Some government sites had been affected, which alerted authorities that something was amiss. This incident was separate from the publicly known Google Malicious Redirect.    

      Given the vacuum of information by official sources, cybersecurity professionals on Twitter like @dumindaxsb got to work trying to understand the severity of the breach. What he found startled him:

      In the source code, the hackers have apologized for it & signed it with a HEX string?? (I couldn't get to it yet). They also mention that they didn't steal or delete anything.

      Nice Matrix effect by the way! pic.twitter.com/pACjHvw1rH

      — Duminda Jayasena (@dumindaxsb) February 6, 2021

      The breach was carried out via an attack vector called DNS poisoning. In case you’re lost, imagine someone standing in front of your gate and then stealing a package that was supposed to be delivered to your home. You now have a basic understanding of what transpired. Legitimate traffic that was supposed to go to Google.lk was sent to another page that displayed a message. Some were enamoured with the content of the redirected message. Meanwhile, cybersecurity professionals were sounding the alarm over the potential ramifications of this breach.
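For anyone who owns a domain, the defensive counterpart to a redirect like this is to watch what the outside world actually resolves. The sketch below is an added example, not part of the original article or of any party's tooling: it compares the name servers reported by several vantage points against a pinned baseline and, going beyond the single Google.lk case, separates a redirect seen by only some networks from one seen by all. Every domain, name server and resolver label in it is constructed.

```python
from dataclasses import dataclass

# Delegation each owner expects, pinned out of band (constructed values).
BASELINE = {
    "portal.example": frozenset({"ns1.dns-host.example", "ns2.dns-host.example"}),
    "shop.example": frozenset({"ns1.dns-host.example", "ns2.dns-host.example"}),
}

@dataclass(frozen=True)
class Observation:
    resolver: str   # label of the vantage point that answered
    domain: str
    ns: tuple       # NS names that vantage point returned for the domain

def normalise(names):
    """DNS names are case-insensitive and may carry a trailing dot."""
    return frozenset(n.rstrip(".").lower() for n in names)

def assess(observations, baseline=BASELINE):
    """Map each domain to (status, resolvers whose answer left the baseline)."""
    grouped = {}
    for ob in observations:
        grouped.setdefault(ob.domain.rstrip(".").lower(), []).append(ob)
    report = {}
    for domain, obs in grouped.items():
        expected = baseline.get(domain)
        if expected is None:
            report[domain] = ("NO_BASELINE", [])    # nothing to compare against
            continue
        drifted = sorted(o.resolver for o in obs if normalise(o.ns) != expected)
        if not drifted:
            status = "OK"
        elif len(drifted) == len(obs):
            status = "DELEGATION_CHANGED"   # every vantage point sees other NS
        else:
            status = "PARTIAL_REDIRECT"     # only some vantage points affected
        report[domain] = (status, drifted)
    return report

# Constructed observations from three hypothetical vantage points.
SAMPLE = [
    Observation("isp-a", "portal.example", ("NS1.dns-host.example.", "ns2.dns-host.example.")),
    Observation("isp-b", "portal.example", ("ns1.unknown-host.example.",)),
    Observation("public", "portal.example", ("ns1.dns-host.example", "ns2.dns-host.example")),
    Observation("isp-a", "shop.example", ("ns2.dns-host.example", "ns1.dns-host.example")),
    Observation("isp-b", "shop.example", ("ns1.dns-host.example", "ns2.dns-host.example")),
    Observation("isp-a", "new.example", ("ns1.dns-host.example",)),
]

if __name__ == "__main__":
    for domain, (status, who) in assess(SAMPLE).items():
        print(f"{domain:16} {status:20} {', '.join(who) or '-'}")
```

A PARTIAL_REDIRECT result is worth alerting on in its own right, since a check run from a single network can miss a redirect that only some users are seeing.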

      What happened next?

      During national reporting of the crisis, LK Domain Registry staff inadvertently exposed their administrator usernames and the length of their passwords

      Key custodian of the LK Domain Registry, Prof. Gihan Dias, has called for an investigation into the breach and for legal action to be taken against those involved. However, their own internal investigation found that no other domains were affected by this breach. While national reporting was ongoing, another potential faux pas was developing. Inadvertently, these reports showed LK Domain Registry staff exposing their backend administrator usernames and the length of their passwords on national television.

      The anatomy of the attack

      Update: Independent Investigations on LK Domain Registry Breach has found that Admin Username/Password credentials have been available on the #DarkWeb since 2012, these credentials were active till Sep 2020, & most likely the attack vector used by #hacktivists to gain entry.

      — Asela Waidyalankara (@aselawaid) February 9, 2021

      A deeper investigation has revealed further startling evidence. Although initially framed as a breach that occurred on 6th February, it can be exclusively shared that admin usernames and passwords were available on the criminal dark web as far back as 2012 and potentially even earlier. It’s likely the attackers purchased these credentials from cybercriminals and proceeded to conduct the attack on Independence Day. Hence, it presents enormous and grave national security implications for Sri Lanka’s digital infrastructure. This is independently verified by CSW, a US Department of Homeland Security sponsored Common Vulnerabilities and Exposures (CVE) Certified Numbering Authority (CNA).

      What are the ramifications of this breach?

      As I discussed previously, Sri Lanka’s cybersecurity setup leaves much to be desired. It’s evident that some of these shortcomings were exposed by the LK Domain Registry breach.

      An overseas expert I had the pleasure of interacting with gave a brilliant answer to the lukewarm response that cybersecurity investments at times get from national governments: “It’s simple, at the end of the day, you can’t put cybersecurity in a parade and show it to people.” In a crisis, you must overcommunicate. In a cybersecurity crisis of this nature, this assumes great significance given the national digital infrastructure involved. As we strive towards building a more Digital Sri Lanka, how safe are our Digital Keys?

      Asela Waidyalankara


      Asela Waidyalankara has been a prominent personality in the sphere of cyber-security, with over a decade of experience in progressive technology and digital strategy. Garnering extensive qualifications in both the legal and technical arenas, Asela is a pioneer trailblazer and avant-garde in the Information Security marketplace.
