- Several .lk and .com websites belonging to different institutions in Sri Lanka were defaced in the cyber attack.
- However, none of the gov.lk websites are affected by the attack.
Cybercriminals have defaced websites of at least 11 institutions in Sri Lanka in a recent cyber attack. The list of affected organizations includes the Kuwait Embassy in the country.
What’s the matter?
In a conversation, Ravindu Meegasmulla, the Information Security Engineer of Sri Lanka Computer Emergency Readiness Team (SLCERT) confirmed that several .lk and .com websites belonging to different institutions in Sri Lanka had faced a cyber attack. This resulted in web defacement, Daily News reported.
The SLCERT came to know about the incident on May 18, 2019. Upon discovery, the team immediately took preventive steps by informing the affected institutions.
Meanwhile, Meegasmulla has said that none of the gov.lk websites have been affected in the attack.
Which websites are affected?
Websites of the Kuwait Embassy in Colombo, the Tea Research Institute in Talawakelle, The Rajarata University in Mihintale and 10 other private institutions have fallen victim to the cyber attack.
What is being done?
The SLCERT is working along with the TechCERT and the Cyber Security Operation Unit of Sri Lanka Air Force to investigate and resolve the matter.
The SLCERT is also continuously monitoring other significant websites in the country to detect suspicious activities.
Meanwhile, many of the affected websites have been restored to their previous condition. The CEO of TechCERT, Dileepa Lathsara stated that the attackers exploited several vulnerabilities to hack these websites. These websites were found to be equipped with cybersecurity measures.
"The Hackers were targeting vulnerable websites to publish their messages. So, they were able to exploit some vulnerability/vulnerabilities in a couple of websites, as was seen", said Lathsara, Daily News reported.