Over the past weeks, several high-profile websites from Sri Lanka have been targeted by hackers. The country’s National Computer Emergency Readiness Team’s Coordination Center (CERT|CC) is concerned about the attacks.However, the CERT’s representatives say that they’ve learned about the breaches only from the media.
CERT|CC Information Security Engineer Roshan Chandragupta has told The Nation that they can’t investigate these attacks unless they’re asked by officials to do so.
“Since our ability to investigate these claims is limited, we went online after reading news reports only to find that the site was working fine. It could be that the website was repaired and put back immediately or that it was not hacked in the first place,” Chandragupta explained.
“We advise those who are concerned to get in touch with us either before putting their site up online or when they feel that it is hacked.”
On the other hand, it appears that cyber security coordination is not one of Sri Lanka’s strong points. The Telecommunication Regulatory Commission of Sri Lanka said it could only investigate the breaches that affected a couple of TV stations if a request were made by CERT.
CERT|CC, however, is waiting for a response from the government, which so far has been quiet.
For instance, the website of the National Security Media Center is still offline and officials haven’t admitted that it has been hacked, despite the fact that, at some point, the site was defaced.
In the meantime, Davy Jones, the hacker responsible for breaching the Sri Lanka Ports Authority, the Board of Investment of Sri Lanka, and the website of the country’s Minister of Sports, has told Softpedia that he plans on attacking the systems of the Stock Exchange (cse.lk).
It’s uncertain if it’s related, but the site of the Colombo Stock Exchange, the main Sri Lanka stock exchange, is currently experiencing some serious performance issues.