This page is intended to answer the Frequently Asked Questions (FAQs) about Sri Lanka CERT|CC and will be updated periodically. Additional questions and your suggestions are welcome. Please E-mail them to cert@cert.gov.lk

About Sri Lanka CERT | CC

Sri Lanka Computer Emergency Readiness Team | Coordination Centre (Sri Lanka CERT) is the single trusted source of advice about the latest threats and vulnerabilities affecting computer systems and networks, and a source of expertise to assist the nation and member organizations, in responding to and recovering from Cyber attacks. It was set up in June 2006, in collaboration with the Information and Communication Technology Agency (ICTA) of Sri Lanka.

Sri Lanka CERT|CC is wholly owned by the Government of Sri Lanka and it’s under the Ministry of technology of Sri Lanka.

Address - Room 4-112, BMICH, Bauddhaloka Mawatha, Colombo 07, Sri Lanka

Telephone - +94 11 2691 692; +94 11 2679 888 Fax: +94 11 2691 064

Email - cert@cert.gov.lk

Website - www.cert.gov.lk

Sri Lanka CERT | CC Services

Sri Lanka CERT | CC provides four types of services to its constituency. They are responsive services, awareness services, research and policy development and consultancy services. The responsive services include incident handling and digital forensics while awareness services include the provision of a technology watch, providing cyber security threat alerts, conducting seminars & workshops and providing a knowledgebase on our website. Assisting government and private sector organizations to develop their information security policy is coming under research and policy development services. Services such as technical audits, penetration testing, disaster recovery and business continuity planning, advisory for national security policy development are covered in our consultancy services.

Cyber threats are on the rise and growing in complexity. But, the economy is forcing organizations to drive down their operational costs while still maintaining an aggressive and proactive security posture. Sri Lanka CERT|CC will take care of security posture of your organization while you can focus on your business. Managed security services will be the best solution to address the cyber security issues in a cost effective manner.

Sri Lanka CERT|CC provides several channels to report an incident. You may fill the incident reporting form on our website, contact us through telephone, send us a fax or email us with the details of your incident.

Our constituents are the government of Sri Lanka and the citizens of Sri Lanka.

  • Responsive services (Remote support only)
  • Incident Handling
  • Awareness services (From our website & public media only)
  • Technology watch
  • Alerts
  • Knowledgebase

Sri Lanka CERT|CC will disseminate information about the incident and the precautions that need to be taken, through all publicly accessible media. In addition, members will be entitled to receive.

Yes, Sri Lanka CERT|CC will only provide technical assistance to resolve social media incidents. If the victim needs to carry out an investigation or to take legal action they should contact a Law Enforcement body like Sri Lanka Police.

Following are instances that Sri Lanka CERT|CC will provide support

  • Provide technical assistance in removing fake account or page (Ex: Facebook, Instagram)
  • Provide technical assistance in removing hacked accounts from Facebook
  • Provide Technical assistance in reporting (removing pictures, images, videos and other contents) that violates Facebook privacy policy

Following are instances that Sri Lanka CERT|CC will not provide support to,

  • Take legal actions against the perpetrators who are involved in social media incidents
  • Trace the locations of perpetrators
  • Remove content (Photos, Videos, Posts, etc.) from Social media sites like Facebook, Instagram, etc. Users are advised to report that violates their privacy directly to the social media sites like Facebook
  • Blocking of websites

Sri Lanka CERT|CC does not provide support to remove content from Gossip Websites. Also, we will not take any legal action against these websites. Sri Lanka CERT|CC does not block access to Websites.

General Information

A computer security incident is any event which may cause harm to your computer system or network.

  • Unauthorized access
  • Denial of service/disruption
  • Site defacing
  • Phishing (See Glossary)
  • Virus attacks

There are certain steps you can take to make your home computer less vulnerable. Please read the article in our knowledgebase-Security for Home Computers.

Most trusted sources which provide downloadable files to their customers ensure that the transferred file has arrived intact, by providing a pre-computed hash value (e.g. MD5, SHA-1) for the file, so that a user can compare the checksum of the downloaded file to it.

yes. There are mobile phone viruses specifically adapted for the cellular environment and designed to spread from one vulnerable phone to another. Attacking a PDA is not as easy as attacking a PC. Because the operating system is in ROM. The art of exploiting PDAs is relatively new. PDAs running Windows have been compromised, using Cabinet files and the Auto run feature of removable media cards to introduce malicious programs. Pocket Internet Explorer can be used to trick users into revealing personal information. Additionally, Soft Input Panel (SIP) that substitutes for a hardware keyboard on Pocket PCs can easily be replaced by a seemingly identical program that logs keystrokes.

Spam is unsolicited e-mail that crowds inboxes with unwanted and objectionable materials. Spam can hinder e-mail communication by making valid e-mail messages difficult to identify. Deploy a spam filter for your email client or inform your email service provider to filter your emails for spasm at the server end.

Sometimes you may feel that your computer is not as quick as it used to be, things take forever or funny messages pop up etc. A few basic checks will help you to recover from it by your self before you call for assistance from a computer expert.

  1. Check the available memory. For example, If you are running Windows 10 with 4 GB of memory or less, you are asking for trouble.
  2. Various applications and web sites continually create “temporary” files on your PC but fail to delete them. You can use “Disk clean up” function to clear many of them in Windows.
  3. The Registry is the “heart” of your operating system; it continually gets “clogged” with outdated entries left there by careless applications; incomplete uninstall procedures, etc. Acquire a quality registry cleaner and run it periodically (Take a Restore Point before using it).
  4. Run a full virus scan periodically to make sure nothing has “sneaked through”. Set your virus scanner for automatic updates (if supported).
  5. Run Defragmentation periodically, especially if your hard drive is crowded (not as critical as sometimes portrayed on very large drives with lots of free space)

Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:

  • Damage or destruction of computer systems
  • Damage or destruction of internal data
  • Loss of sensitive information to hostile parties
  • Use of sensitive information to steal items of monetary value
  • Use of sensitive information against the organization's customers which may result in legal action by customers against the organization and loss of customers.
  • Damage to the reputation of an organization
  • Monetary damage due to loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the organization's reputation.