Bangladesh Bank, the central bank of Bangladesh has issued 11-point instructions to all banks and financial institutions of the country to avoid the risks of cyberattacks. Last Thursday, Bangladesh Bank officially informed the instructions regarding this.
A group of hackers has threatened to attack the cyber world of Bangladesh. They mentioned August 15 as the date of possible attack. In view of the threat, a cybersecurity alert has been issued by the Government’s Computer Incident Response Team- BGD e-GOV CIRT. A press release of BGD e-GOV CIRT on August 7 said that cyberattacks can disrupt the operations of State Critical Information Infrastructures (CII), banks, financial institutions, healthcare, government and private institutions. All concerned organizations are asked to take pre-preparedness to prevent small or medium cyberattacks.
Among the instructions given by Bangladesh Bank to avoid the risks of cyberattacks, it is noteworthy to monitor the network infrastructure 24 hours, especially outside the office hours, and to keep an eye on whether someone is removing information or not. Access to various websites should be controlled to minimize cyberattacks. Apart from this, the latest guidelines of the Open Web Application Security Project (OWA SP) should be followed to strengthen the security system in addition to taking various measures to detect insecure activities on the network.
BGD e-GOV CIRT mentioned some of the recent notable cyberattacks targeting Bangladesh. These include a hacker group claiming a cyberattack on payment gateways, law enforcement agencies and the banking sector in Bangladesh on August 1. Also, on July 3, a hacker group claimed that they had attacked Bangladeshi transport services for an hour. On June 27, a hacker group defaced the website of a government college in Bangladesh and released a sample of their work. The same was done on the site of a health sector organization on June 24.
CIRT has given some suggestions to ensure the security of the infrastructure of the concerned organizations to avoid cyberattacks. They are deploying firewalls to analyze incoming HTTP/HTTPS traffic and filter out malicious requests and traffic patterns. Protecting important services like DNS, NTP and Network Middle Box. Validating user input. Backing up the website. Implementing HTTPS on websites with SSL/TLS encryption. Using updated technology and reporting anything suspicious to BGD e-GOV CIRT.