CERT ensuring President’s website invulnerable

BY Kavindya Chris Thomas, Cassendra Doole, Shaahidah Riza and Methmalie Dissanayake-2016-08-29

Sri Lanka's Computer Emergency Readiness Team (CERT) has taken various steps to ensure that President Maithripala Sirisena's official website will in future not be vulnerable to hackers, following last week's cyber attack that threatened a cyber war in the near future.

Information Security Engineer of CERT Roshan Chandragupta said that they were working together with the Information Technology Department of the President's office, to take precautionary methods in the fallout of the attack.

The Criminal Investigations Department (CID), which is carrying out a separate inquiry into the matter, is yet to ask for CERT's assistance, he said adding that it will be the CID which will be looking for those who carried out the attack.
Chandragupta added that their main goal, that of getting the website back online, has been successful and they are in the process of strengthening its privacy.
"We [CERT] are investigating how the defamatory attack took place. We have collected data on the attack and are in the process of analysing it. We discovered several vulnerabilities and loopholes which allow unauthorized individuals to enter and change information on the website. However, it is still early to comment on, as to how the perpetrators actually managed what they did," he opined.

Speaking to Ceylon Today he stated that the hackers might have used a number of methods to deface the President's website.
"We are looking into several technical issues that the hackers might have used to enter the website such as problems in the software or the servers or even content management systems. However, it is also possible that username and passwords were misplaced or stolen for this hack; meaning that it might not be a technical issue but also human error."

Certain members of the Joint Opposition condemned the recent cyber attack, aimed at President Maithripala Sirisena's website, stating that something serious has been considered. United Peoples Freedom Alliance (UPFA) MP Vidura Wickremenayake said, "Most of the websites can be hacked. Even the websites which are well protected tend to get hacked. This is the problem with advanced technology, it doesn't draw a line. We should not condone such things. We condemn this attack, especially because it is the website of the President of this country. If his website is vulnerable for hacking, something serious has been considered."
The President's official website www.president.gov.lk was breached by an unknown group of hackers last Thursday (25) and Friday (26). The President's Media noted that a decision was taken to temporarily take down the website after it was hacked for a second time on Friday evening. The first attack occurred on Thursday, when hackers infiltrated the site and posted a message in Sinhala under the name 'The Sri Lankan Youth', and made several demands of the Government.

The hackers demanded the Government to reconsider the decision to hold the GCE A/Level examination in April instead of August, and ironically requested the government to be vigilant about the security of Sri Lankan websites. The message went on to add that negligence with regard to cyber security would lead to more cyber attacks. The hackers, showing clear political motivation behind closed doors, advised the President to hold a presidential election if he is unable to control the situation the country is facing. They further demanded a stop to the "irresponsible conduct" of the Prime Minister and to be more attentive to issues faced by university students.
Speaking to Ceylon Today, UPFA MP, Udaya Gammanpila said, "Everyone will agree that as the Head of State, the President and his media crew should take every measure to ensure the security of the country's communication channels. But after this incident we cannot see that such measures have been taken. The President's website is the official website of the government as well. If they cannot protect a website how can they protect a country?"

Minister Rajitha Senaratne, however, did not share the same sentiments. Commenting on the matter he stated that the government is waiting until the inquiries into the attack reveal who the perpetrators are. When inquired about the eerie similarity in the demands made by the Joint Opposition and the hackers to hold another presidential election, he stated: "There is no need to hold another presidential election just because some criminals demanded it. If the Joint Opposition has made demands to hold another presidential election previously, then they must be the hackers. If they represent the ideas of the hackers, they must have some involvement as well. They must have some understanding with them. Why should we answer to demands made by criminals?"