• News
  • Privately Owned Domain Hijacked by Government! Mercantile Accepts the Confiscation

Privately Owned Domain Hijacked by Government! Mercantile Accepts the Confiscation

Sanjeev Dulal 15 May, 2020

The talks about improper management of IT infrastructure owned by Nepal government is now routine news. The government recently launched the portal for the funding of startups with poor management and this time the government captured domain registered in the person's name to use it for the online learning portal for school students. The domain registered in the name of e-learning Pvt. Ltd., which has been in operation for the past six years, has been taken over by the Ministry of Education, Science and Technology.

The managing director of the company said that the domain was hijacked without their consent and information. "We have been providing services to various educational institutions in the same domain, even as sub-domains," he said. We tried to obtain information about this at Mercantile Domain Registration and they responded an email saying that no changes had been made to the domain on its behalf, he added. Despite the reply from mercantile, the domain appears to have been hosted on a National Information Technology Center (NITC) server for some time. Since Thursday, online education-related materials of the Education and Human Resource Development Center started appearing in the domain.

The Center is a body under the Ministry of Education and Science and Technology. The centre has started providing online study materials for students up to class 10 during the lockdown. The Center for Education and Human Resource Development (CEHRD) had earlier placed these materials in the subdomain of learning.cehrd.gov.np. However, the subdomain is still in operation. The elearning.edu.np domain has been in the name of the private company since March 24, 2014. Registered on February 20, 2014, eLearning Pvt. Ltd. has been providing an education management system and online education services through the same domain.

Managing Director of the company said that they have been providing necessary technical services to various colleges and non-profit educational institutions for the past six years through the domain. However, he regretted that the service was suspended after the government took over the domain from Tuesday. "We have been providing services by registering a company after completing the legal process prepared by the government," he said. The company has officially sent another letter to Mercantile with PAN, VAT and other documents.

The executive director of the National Information Technology Center, which has jurisdiction to register government domains (.gov.np), said the domain may have been demanded for the convenience of the students. "We have been sending recommendations to Mercantile in case of requests for domains from various government agencies and government-owned organizations and educational institutions," he said. He also added that using the private domain for government purpose is not the right thing and needs to be investigated.  

Mercantile is the sole registrar for the dot np(.np) domain registration in Nepal. However, in recent times, the .gov.np domain not should be registered only after the recommendation of NITC. Earlier the head of the domain department of Mercantile Communications, Thupten Bajracharya, said he was not aware of the matter. "Domain registration is being done by other subordinates," he said. What's more, we're investigating the matter. 'He said the domain should be registered by the person whose name it is registered with.

Mercantile Admits the Mistake

The reach of the private domain to Government bodies was mistakenly done by Mercantile Communications. The company admitted that the domain name server had changed due to the weakness of the employees and which is hard to monitor as the employees are working from home. Mercantile's domain department head, Thupten Bajracharya, said the domain change was due to a mistake made by his own staff. He also said that the domain name server changed when one of their staff mistakenly requested a name server change.

He informed that they have rectified the weakness. He said, ‘Now we have returned the domain in the name of the person whose name is registered'. The company apologizes for the inconvenience. The elearning.edu.np domain name has now been propagated. 

During the time of talks about data security, privacy concerns in the internet world in context to Nepal, this is one of the big mistakes which should not be taken lightly. Recently, the data of Vianet Communications and Foodmandu was breached and sold to the dark web. This type of mistakes not only impact an organization but also increases the security threat of the end-users. 

 

TechNews nepal government domain hijack covid19

Post Comments