In recent years, Bangladesh has become one of the most vulnerable countries in cyberspace. With the increasing number of internet users and evolving sophisticated threat landscape, the number of attacks ratio is also going up.

Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) released a recent alert anticipating an attack on 15^th August targeting critical information infrastructures (CII) like banks and financial institutions, health care, and all sorts of government and private organizations.

Cyber Attacks on Bangladesh: A Quick Look

Below are a few key pointers to demonstrate the scary situation:

• The hacker groups, referred to as ‘hacktivist’, is targeting organizations in Bangladesh during 15th August 2023
• Attack tactics employed by these groups may include Distributed Denial-of-Service (DDoS) attacks, website defacements, and the use of malicious PHP shells as backdoors.
• Government bodies, military, law enforcement agencies, banks, pharmaceutical companies, retail, industrial organizations, energy, and education sectors are their primary targets.
• The website of the Covid-19 vaccine management system ‘Suraksha’ was subjected to a DDoS attack on 7th August 2023.
• A hacker group was found to be targeting Bangladesh’s Payment Gateway and law enforcement and banking organizations on 1^st August 2023.
• On July 3, a DDoS attack disrupted a Bangladeshi transportation service’s website for an hour.
• June 27 witnessed a government college’s website being defaced with shared web archives as evidence.
• A health organization’s website was defaced on June 24, with attackers providing web archives to support their actions.
• On June 20, hackers claimed to have compromised Bangladesh’s state-owned investment company, potentially accessing data from over 100,000 investors and applicants.
• 50 million user confidential NID data got revealed through govt websites
• Krishi Bank got targeted by ALPHV ransomware, resulting in over 170 GB of sensitive data compromise.
• Krishi Bank SWIFT System was also exploited earlier, leading to $3 million data theft.
• A cyber-criminal group, APT41, launched a sophisticated campaign against multiple Bangladeshi government agencies & stole sensitive data.
• At the end of July 2023, a reputed export-oriented pharmaceutical company became the victim of ransomware which compromised their production capacity and deliverability.
• Grameenphone was impacted by a massive DDoS attack.
• Biman Bangladesh Airline’s email server was compromised in a ransomware attack.

Important Steps to Avoid Major Cyber Incidents

From the above facts and figures, it is quite evident that in last six months, cyber incidents are rising across organizations in Bangladesh. In order to have a proactive approach to visibility, detection, and response, a few specific steps can be adopted to avoid disruption and consequences:

• 3rd Party Risk Assessment to understand critical vulnerabilities and have mitigation steps is essential to have a proactive defense.
• Incident Response through 24/7 network and user activity monitoring, User Behaviour Analysis, Security Incidents and Event Management, Security Orchestration & Automation.
• Deployment of Web Application Firewall with DDoS Protection, SSL Offloading can be very useful in this situation.
• Periodic Vulnerability Assessment, Penetration Testing, Architecture Review, Configuration Assessment, and Secure Code Review should bring an immense boost to Cyber Immunity of the landscape.
• Regular backups, Enforcement of Strong Encryption, Continuous Patch management, etc. can strengthen the practice.
• Few of the latest trends like Risk Exposure Management, Deep Packet Inspection, Attack Surface Management, Red Teaming, Compromise Assessment, etc. may add a lot of value to the organizations.
• Setting up a Security operation center is no longer a matter of choice, but rather a necessity not only to comply with regulatory mandates but also to protect your crown & jewels.

In case you wish to have more deliberations on the defense strategies to safeguard your mission-critical data, our incident responders will be happy to assist you.

May write to us at info@primeinfoserv.com or call at +8801713077047 for more details.