NIC.lk

NIC.lk serves as the national administrator for Sri Lanka's country code top-level domain (.lk), managing the registration and technical infrastructure for domains under this national identifier. Its core function involves overseeing the domain name system (DNS) operations specifically for Sri Lankan entities and services utilizing the .lk suffix. This role places NIC.lk in a critical position for the nation's online presence, ensuring the accessibility and integrity of websites and online services associated with Sri Lanka. The organization operates from its headquarters within Sri Lanka, focusing exclusively on managing the national domain namespace. Its operational scope is defined by its responsibility for the .lk domain registry.

A significant incident highlighting NIC.lk's critical role occurred on February 6, 2021, when a hacktivist group compromised multiple high-profile .lk domains, including google.lk and oracle.lk. The attackers poisoned DNS records, redirecting users to a webpage protesting social grievances related to press freedom, political corruption, and minority rights. This disruption lasted several hours before mitigation efforts took effect. NIC.lk, identified as the country's domain administrator in reports, publicly acknowledged the security breach and successfully resolved the technical compromise within hours of its discovery. While the national telecommunications regulator confirmed the attack, the full extent of impacted domains beyond the publicly named examples was not officially disclosed. The incident drew considerable public attention shortly after Sri Lanka's independence celebrations, amplified by social media reports despite its relatively brief duration. NIC.lk's prompt response confirmed its operational responsibility for restoring the integrity of the .lk DNS infrastructure.