when almost every service and system is digitalized, the lack of maintenance of these core systems makes us vulnerable to such hackers and threats
On the 31st of July, Bangladesh received a cyber-attack threat from Dark Web. In response to the threat, Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) declared a situational alert on the probable cyber threat. In alert notice CIRT urged to country’s Gov’t & military institutions, law enforcement agencies, banking and NBF institutes, pharmaceutical companies, retail, and industrial organizations, and lastly, energy and education sectors to bolster their cyber security systems through every angle. On the basis of which, Bangladesh Bank ruled ICT Security Advisories & Alerts on 8th July 2023.
You can also read: Bank Credits Up, private Borrowing Down Contrarily
BB’s Declaration for Country’s Financial Systems
On 2nd August of 2023, Bangladesh Bank ruled a set of instructions to follow for the country’s NFBIs, all the scheduled Banks and other payment gateways (like Bkash, Nagad, and Upai) of Bangladesh are instructed to strictly monitor their websites and servers 24/7 under zero tolerance regulations.
About the Declaration-
BB’s ICT Security Advisories & Alerts
On the 8th of July 2023, Bangladesh Bank published their ICT Security Advisories & Alerts for the country’s financial systems. Which includes Security updates of multiple products, FortiOS and FoertiPROXI upgradation, maintenance of critical Zero-day security flaws, awareness regarding Dropbox data breach, remote code execution venerability, and other previous case information of various types of data breaches.
About CIRT’s Public Release
Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) notified that the hacker entity claims themselves as ‘hacktivist’ groups based in India and have been targeting organizations from Pakistan, and Bangladesh. CIRT has identified several groups with the same motivation who have been doing Denial-of-Service (DDoS) attacks, website defacements, compromising the website, and using malicious PHP shells as a backdoor to drop payloads.
So far some of their activities have been observed by CIRT-
Journalist’s View
To be more exact the specific selection of the day 15th August has given birth to multiple assumptions considering its being Bangladesh’s Mourning Day and India’s Liberation Day, given that Cyber-attack is a type of extra-terrestrial terrorism. And this consistent attacks from June are indicating a bigger picture keeping Bangladesh’s National Election ahead.
On the other hand, such hacker groups do not really need to define their origin, target, or date of execution but in this case, the Hacktivist group has already declared it publicly giving the opportunity for taking safety measures, and it won’t be wise to rely on that. The group may have used India and the date for shadowing themselves. And the consistent attacks are indicators that 15th August may not be the only date for their execution leaving a room filled with uncertain darkness. More to think a chain of such similar attacks have been observed on only the developing countries since the May of 2023, given that these countries are not capable enough to confront such attacks.
Also, it is unfortunate that, in this era of Smart Bangladesh, the country has a huge lack of consistent IT Audit Practices regarding the usage of cyberspace. Today, when almost every service and system is digitalized, the lack of maintenance of these core systems makes us vulnerable to such hackers and threats. Regardless of the Government’s immense policies and initiatives, the vulnerability remains under our lack of institutional responsibilities.
