Jump to content

2019 cyberattacks on Sri Lanka

From Wikipedia, the free encyclopedia
2019 cyberattacks on Sri Lanka
Date19 May 2019
Location Sri Lanka

The 2019 cyberattacks on Sri Lanka were a series of powerful cyberattacks on at least 10 Sri Lankan domestic websites with the public domains of .lk and .com.[1] The cyberattack is speculated to have been conducted on 18 and 19 May 2019, the day following the Vesak festival and amid the persistent temporary social media ban in the country.[2] The website of the Kuwaiti Embassy operating in Sri Lanka was also affected by the cyberattacks.[3][4] The investigations are currently carried out by Sri Lanka Computer Emergency Readiness Team along with Sri Lanka Signals Corps.[5]

Background

[edit]

Sri Lanka, an island nation located in South Asia, has experienced its share of socio-political challenges over the years, including ethnic conflicts and political instability. In this context, cybersecurity emerged as a critical concern for the country's stability and national security.

As Sri Lanka embraced digitalization, recognizing the potential rise in cybersecurity threats and the rapid expansion of information and communication technology (ICT) infrastructure, the nation took proactive steps. The Sri Lanka Coordination Centre (CERT|CC)[6] was established as the country's official National CERT under the auspices of the ICT Agency of Sri Lanka. This institution's primary mission was to fortify Sri Lanka's resilience against emerging cyber threats and to adapt to the changing cybersecurity landscape.

As noted by Sri Lanka CERT, the nation has a documented history of prior cyber incidents.[7] This history includes a range of incidents reported to Sri Lanka CERT during the year 2016, as detailed in the APCert report of 2016.[8] This historical context may serve as a noteworthy indicator of the potential for future significant cyberattacks, such as the 2019 cyberattack.

The Event

[edit]

In May 2019, Colombo experienced a series of cyberattacks that targeted multiple Sri Lankan websites, including those with the .lk and .com domains.[9] Notably, the cyberattacks extended beyond national borders to affect a foreign embassy located in Sri Lanka.[10]

The Sri Lanka Computer Emergency Readiness Team (SLCERT)[6] reported that among the victims of these cyberattacks were the websites of the Kuwait Embassy in Colombo, the Tea Research Institute in Talawakelle, The Rajarata University in Mihintale, and 10 private institutions.[11] The attacks were primarily website defacements, where attackers altered the content of the websites. SLCERT, along with TechCERT and the Cyber Operations Center operating under the Ministry of Defence, is actively engaged in ongoing investigations to ascertain the nature and origins of these attacks.

After the incident the CEO of SLCERT, Dileepa Lathsara, revealed that several of the targeted websites have already been restored to their previous states.[12] These cyberattacks were particularly impactful on websites that possessed minimal cybersecurity safeguards, highlighting the importance of enhanced cybersecurity measures. SLCERT emphasizes the need for the general public to prioritize the security of their websites to prevent future incidents.

References

[edit]
  1. ^ "Cyber attack on several SL websites - Sri Lanka Latest News". Sri Lanka News - Newsfirst. 2019-05-19. Retrieved 2019-05-19.
  2. ^ "Sri Lanka websites including Kuwait embassy face intense cyber attacks". International Business Times, Singapore Edition. 2019-05-19. Retrieved 2019-05-19.
  3. ^ "The digital virus threat". rajeevyasiru.com. 15 May 2020. Retrieved 2020-05-31.
  4. ^ "Cyber attack on several Sri Lankan websites including Kuwait Embassy". www.adaderana.lk. Retrieved 2019-05-19.
  5. ^ "Cyber Attack on several Sri Lanka websites". Retrieved 2023-08-21.
  6. ^ a b "Sri Lanka CERT". Retrieved 2023-10-07.
  7. ^ Ishan Senarathna; Warren, Matthew (2017). "A Sri Lankan hacking case study". Australian Information Security Management Conference. doi:10.4225/75/5a84fb0495b50. Retrieved 2023-10-07.
  8. ^ "APCert 2016 Report" (PDF). Retrieved 2023-10-07.
  9. ^ "Cyber attack on several Sri Lankan websites including Kuwait Embassy". YouTube. 19 May 2019. Retrieved 2023-10-07.
  10. ^ "Cyber attack on foreign embassy and other web sites in Sri Lanka". Retrieved 2023-10-07.
  11. ^ "Cyber attack on several websites including Kuwait Embassy". Retrieved 2023-10-07.
  12. ^ "UPDATE: Cyber attack on several SL websites restored". Retrieved 2023-10-07.