In a rather unexpected turn of events, a group of yet-to-be-identified hackers have hacked Sri Lankan President Maithripala Sirisena’s official website for two consecutive days. Here’s what we know about the attacks so far.
The First Attack
The first took place on the 25th of August, which was a Thursday. It included a message that was posted on the home page. In it, the hacker/s made a number of demands to the government. One of these demands being a call to reconsider the decision to hold the GCE A/Level examination in April rather than in August. In addition, it also pointed out to the Government to be more conscientious regarding the security of Sri Lankan websites. If no action were to be taken with that regard, it could possibly result in the country being a part of yet another war. Not civil, but a cyber-one at that. Most distressing indeed.
That wasn’t all, though. More demands were made by the rather bold hacktivists which also included the stopping of ‘irresponsible conduct’ by the Prime Minister, and also urged the Government to pay more attention to the problems faced by university students.
The Second Attack
After the first attack, the site returned to its normal state within a few hours. However, the President’s Media Director, Dharmasiri Bandara Ekanayake stated that a decision was made to take the site offline for a much longer period. This was in response to a second attack that took place on Friday, the 26th of August. This time, the hackers made no demands.
Who’s responsible for this?
An individual or party taking the name “The Sri Lankan Youth” is suspected to be responsible for the initial attack. Meanwhile, a Bangladeshi hacker is suspected to be behind the second attack on Friday. Furthermore, the CID (Criminal Investigation Department) has arrested a 17-year-old schoolboy from Kadugannawa, for allegedly hacking the website. Another 26-year-old man was also arrested today in Moratuwa and charged with hacking the President’s website.
The unnamed boy who was arrested was charged under the Computer Crimes Act. Upon conviction, he faces a fine of Rs. 300,000 and up to three years in jail. The Computer Crimes Act was enacted by Parliament and certified by the Speaker as the Computer Crimes Act No. 24 of 2007. The purpose of the Act is to addresses computer-related crimes and hacking offenses. You can download the Computer Crimes Act and read it in full here.
Herein lies the catch
Digging into the source code of the President’s website, we found that it is hosted on WordPress. In case you’re lost, WordPress is a free and open-source content management system that is a popular choice for people to host their blogs and personal websites. The issue here is that apparently, a site hosted on WordPress is rather easy to hack into if not protected properly.
Surely if the President’s own website was hosted on a platform such as this, those responsible would ensure that the site has adequate safety measures to ensure that only those with authorized access can indeed have access to it? After all, if the site indeed was hacked by a 17-year-old school-goer, then that dictates a rather alarming flaw in the cyber security of websites in Sri Lanka.
Conversely, it also goes to show the level of IT prowess amongst the youth in the country. Perhaps, the government should consider hiring the 17-year-old school-goer if he was indeed behind the attack. At the very least, we’re pretty sure that the government administrators could learn how to write proper HTML from him.
Sri Lanka’s cybersecurity problem
Jokes aside. The fact remains that the Sri Lankan government needs to seriously take a look at cyber security. After all, this isn’t the first time government websites have been hacked.
Back in 2013, the Sri Lankan Media Center for National Security saw its website hacked. In 2014, we saw 129 government websites hacked and defaced on Avurudhu. And just last year, we were accused of hacking the Presidential Secretariat when it was actually either an administrative blunder or a clever hacker.
You’d think that after so many attacks and security blunders, the government would step up its cyber security game. But sad truth is that our government IT departments have not learned their lesson. And so the attack on the President’s website becomes another one of many government websites hacked that we know of. It’s important to stress that these are attacks we know of. The mark of a good hacker is to carry out an attack that is undetected and leaves no traces.
Thus far, no new details have come up. The President’s website seems to be operating at its usual capacity. If new details do reveal themselves, we will bring them to you as and when they happen.
Update One (September 2nd, 2016)
At a media briefing held yesterday, afternoon Minister Mahinda Amaraweera stated that the 17-year-old charged with hacking the President’s website might be pardoned. The Minister said that President Sirisena has stated that a pardon could possibly be granted if the family of the 17-year-old makes a request. However, the Minister went on to state that President Sirisena will not interfere with Court proceedings. The possibility of pardoning the 17-year-old will only be looked into by the President if a verdict was issued over the offense.
Meanwhile, Minister of Telecommunication and Digital Infrastructure Harin Fernando also made a few statements. He said that it is possible that the 17-year-old might be awarded a scholarship once he is out of juvenile probation. The Minister also stated that the government was partly to blame and acknowledged that the President’s website was not sufficiently protected.
Minister Harin Fernando went on to state that the government would be taking cyber security more seriously after this debacle. With that in mind, Rs. 2 billion has been allocated to set up a security operations center to help put a stop to these attacks. Furthermore, government websites will now be maintained by the ICTA.
GIPHY App Key not set. Please check settings