Fri, 27 Jan 2023 Today's Paper

Ten domain names modified following cyber attack: LK Domain Registrar

13 February 2021 01:35 am - 1     - {{hitsCtrl.values.hits}}

A A A

At least 10 domain names have been modified to point to a new IP address following the recent cyber attack to the ‘.lk’ Domain Registry, LK Domain Registry's Domain Registrar Prof. Gihan Dias said.

He said the attack was reported on Saturday (6) morning and was solved by 8.30 am.

“In addition to the servers which run the Domain Name System (DNS), the Registry maintains a registration system through which customers may register new domains, renew domains, change details of their domains, etc.,” he said.

Access to the .lk domain registration systems was restricted to prevent further damage, he said.

“Once the changes were identified, our team immediately reverted the changes to their previous settings. This was completed within 90 minutes. This issue was immediately reported to our security partner, TechCERT, who began the probe together with the LK technical and the operations teams,” Prof. Dias said.

It was identified that the changes were done remotely by accessing the Domain Registration system. TechCERT was able to identify the incident was done by compromising of the credentials of one system user account and bypassing of the restrictions which normally prevent the admin interface from being accessed from the Internet.

However, it was reported that there was no evidence of any other unauthorised access to our systems.

“We have also not found any evidence of changes to any .lk websites, or of any information being stolen from any other .lk websites. We have not found any substantial evidence that any malware had been distributed via the website pointed to by the attackers.

Together with TechCERT, the shortcomings in our security mechanism have been identified, and we have updated our systems to mitigate these vulnerabilities.

 Several other security improvements have also been applied. Our domain registration systems are now back on-line.
When you first log-in to the system, after it is back on-line, we recommend you reset your password by visiting My Profile > Change Password. (Chaturanga Samarawickramam)


Order Gifts to Sri Lanka. See Kapruka's top selling online shopping categories such as Toys, Vegetables, Grocery, Flowers, Birthday Cakes, Fruits, Chocolates, Clothing and Electronics. Also see Kapruka's unique online services such as Sending Money,Online Books, Delivery Service, Food Delivery and over 700 top brands. Also get products from Amazon & Ebay via Kapruka Gloabal Shop Sri Lanka

  Comments - 1

Order Gifts to Sri Lanka. See Kapruka's top selling online shopping categories such as Toys, Vegetables, Grocery, Flowers, Birthday Cakes, Fruits, Chocolates, Clothing and Electronics. Also see Kapruka's unique online services such as Sending Money,Online Books, Delivery Service, Food Delivery and over 700 top brands. Also get products from Amazon & Ebay via Kapruka Gloabal Shop Sri Lanka
  • RoaringCreek Saturday, 13 February 2021 09:15 AM

    In todays cyber protection is to detect before attacked. This is done by observing incoming traffic patterns and block unusual traffic. There are many software tools with some form of AI. We wait for the attack and then take action. The root of Internet traffic are the DNS (Domain Namer Service) servers and they need to be protects. They should get help from Sri Lanka IT Guru, GOTA, Ha Haa Haaa!


Add comment

Comments will be edited (grammar, spelling and slang) and authorized at the discretion of Daily Mirror online. The website also has the right not to publish selected comments.

Reply To:

Name - Reply Comment




Order Gifts to Sri Lanka. See Kapruka's top selling online shopping categories such as Toys, Vegetables, Grocery, Flowers, Birthday Cakes, Fruits, Chocolates, Clothing and Electronics. Also see Kapruka's unique online services such as Sending Money,Online Books, Delivery Service, Food Delivery and over 700 top brands. Also get products from Amazon & Ebay via Kapruka Gloabal Shop Sri Lanka

Canada’s targeted sanctioning of Gota and Mahinda

History was made last week when two former executive presidents of Sri Lanka

SC judgement on Easter attack: Court rules negligence stood in the way of avoiding most heinous crime

“On the ill-fated day of 21st of April 2019, this island home was awoken ru

Lasantha was a Fearless Editor who Spoke Truth to Power

Friends,Family members, colleagues, schoolmates and admirers of Lasantha Wick

That bullet wasn’t intended for her

Iresha Shyamali was exhausted from a two-day pilgrimage in Anuradhapura.