This page is intended to answer the Frequently Asked Questions (FAQs) about Sri Lanka CERT|CC and will be updated periodically. Additional questions and your suggestions are welcome. Please E-mail them to cert@cert.gov.lk
Sri Lanka Computer Emergency Readiness Team | Coordination Centre (Sri Lanka CERT) is the single trusted source of advice about the latest threats and vulnerabilities affecting computer systems and networks, and a source of expertise to assist the nation and member organizations, in responding to and recovering from Cyber attacks. It was set up in June 2006, in collaboration with the Information and Communication Technology Agency (ICTA) of Sri Lanka.
Sri Lanka CERT|CC is wholly owned by the Government of Sri Lanka and it’s under the Ministry of technology of Sri Lanka.
Address - Room 4-112, BMICH, Bauddhaloka Mawatha, Colombo 07, Sri Lanka
Telephone - +94 11 2691 692; +94 11 2679 888 Fax: +94 11 2691 064
Email - cert@cert.gov.lk
Website - www.cert.gov.lk
Sri Lanka CERT | CC provides four types of services to its constituency. They are responsive services, awareness services, research and policy development and consultancy services. The responsive services include incident handling and digital forensics while awareness services include the provision of a technology watch, providing cyber security threat alerts, conducting seminars & workshops and providing a knowledgebase on our website. Assisting government and private sector organizations to develop their information security policy is coming under research and policy development services. Services such as technical audits, penetration testing, disaster recovery and business continuity planning, advisory for national security policy development are covered in our consultancy services.
Cyber threats are on the rise and growing in complexity. But, the economy is forcing organizations to drive down their operational costs while still maintaining an aggressive and proactive security posture. Sri Lanka CERT|CC will take care of security posture of your organization while you can focus on your business. Managed security services will be the best solution to address the cyber security issues in a cost effective manner.
Sri Lanka CERT|CC provides several channels to report an incident. You may fill the incident reporting form on our website, contact us through telephone, send us a fax or email us with the details of your incident.
Our constituents are the government of Sri Lanka and the citizens of Sri Lanka.
Sri Lanka CERT|CC will disseminate information about the incident and the precautions that need to be taken, through all publicly accessible media. In addition, members will be entitled to receive.
Yes, Sri Lanka CERT|CC will only provide technical assistance to resolve social media incidents. If the victim needs to carry out an investigation or to take legal action they should contact a Law Enforcement body like Sri Lanka Police.
Following are instances that Sri Lanka CERT|CC will provide support
Following are instances that Sri Lanka CERT|CC will not provide support to,
Sri Lanka CERT|CC does not provide support to remove content from Gossip Websites. Also, we will not take any legal action against these websites. Sri Lanka CERT|CC does not block access to Websites.
A computer security incident is any event which may cause harm to your computer system or network.
There are certain steps you can take to make your home computer less vulnerable. Please read the article in our knowledgebase-Security for Home Computers.
Most trusted sources which provide downloadable files to their customers ensure that the transferred file has arrived intact, by providing a pre-computed hash value (e.g. MD5, SHA-1) for the file, so that a user can compare the checksum of the downloaded file to it.
yes. There are mobile phone viruses specifically adapted for the cellular environment and designed to spread from one vulnerable phone to another. Attacking a PDA is not as easy as attacking a PC. Because the operating system is in ROM. The art of exploiting PDAs is relatively new. PDAs running Windows have been compromised, using Cabinet files and the Auto run feature of removable media cards to introduce malicious programs. Pocket Internet Explorer can be used to trick users into revealing personal information. Additionally, Soft Input Panel (SIP) that substitutes for a hardware keyboard on Pocket PCs can easily be replaced by a seemingly identical program that logs keystrokes.
Spam is unsolicited e-mail that crowds inboxes with unwanted and objectionable materials. Spam can hinder e-mail communication by making valid e-mail messages difficult to identify. Deploy a spam filter for your email client or inform your email service provider to filter your emails for spasm at the server end.
Sometimes you may feel that your computer is not as quick as it used to be, things take forever or funny messages pop up etc. A few basic checks will help you to recover from it by your self before you call for assistance from a computer expert.
Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include: