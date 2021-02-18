

Our websites under serious threat



However, some of the targeted services/institutions and their spoofed domains are Bangladesh Police (bdpolice.co), Islami Bank (isiamibankbd.com), Govt. Corona Portal (corona-bd.com), bKash (bkashagent.com and bkash.club), Brac Bank (bracbank.info) and more. What's dangerous, the attackers are often using websites to conduct phishing attacks or distribute malware. Malicious websites typically appear completely legitimate and often provide no outward indicators of their malicious nature, even to the experienced computer users. Understandably, it is a pre-planned sinister attempt to paralyze our cyber space. Cyber crime coupled with all types of malware campaigns are on the rise in Bangladesh. Additionally, with increasing number of internet users, the attack-ratio is also shooting up.



We have witnessed how a malware had snatched away $101 million in 2016. In particular, our banking and financial sectors are vulnerable to cyber attacks. Moreover, most of our banks have no department that specifically ensures security to prevent cyber attacks, let alone deeming it necessary to have a separate cyber-security team. Reportedly, around half of the banks in the country are at high risk of such an attack. Now that a new malware programme has been identified, posing serious attacks on our websites, the need of the hour is to thwart all types of potential attacks.



Not that our public and private banks haven't been alerted by security authorities, but their lackadaisical response to cyber threat is rather astonishing. The point, however, motives behind these hacking attempts are not purely financial. The threat actor's motives behind such campaigns are to spread their botnet attacks within Bangladesh -- and possibly to tweak for espionage rather than purely from breaching accounts for financial gains. However, the threats are serious and can result in significant data breach or heavy financial loss.



It is pressing for the government and the private sector to team up and re-evaluate the country's preparedness for basic cyber-attacks and boost up their efforts in managing cybercrimes and major crises. At the same time we are making an urgent call to Bangladesh Bank, BTRC and all other relevant bodies to take appropriate measures. Malware is spreading fast in Bangladeshi network; all our local cyber entities need to be cautious about it. Procrastination in making a quick move would only worsen the latest malware threat. A malware campaign has been recently reported to target our vital government websites. Cyber Threat Research team of Bangladesh Government's -- e - Government Computer Incident Response Team (BGD e-GOV CIRT) -- recently observed and identified these ongoing developments of attacks and a malware campaign. It is launched by the well-known threat actor 'KASABLANKA' specifically targeting Bangladeshi infrastructure.However, some of the targeted services/institutions and their spoofed domains are Bangladesh Police (bdpolice.co), Islami Bank (isiamibankbd.com), Govt. Corona Portal (corona-bd.com), bKash (bkashagent.com and bkash.club), Brac Bank (bracbank.info) and more. What's dangerous, the attackers are often using websites to conduct phishing attacks or distribute malware. Malicious websites typically appear completely legitimate and often provide no outward indicators of their malicious nature, even to the experienced computer users. Understandably, it is a pre-planned sinister attempt to paralyze our cyber space. Cyber crime coupled with all types of malware campaigns are on the rise in Bangladesh. Additionally, with increasing number of internet users, the attack-ratio is also shooting up.We have witnessed how a malware had snatched away $101 million in 2016. In particular, our banking and financial sectors are vulnerable to cyber attacks. Moreover, most of our banks have no department that specifically ensures security to prevent cyber attacks, let alone deeming it necessary to have a separate cyber-security team. Reportedly, around half of the banks in the country are at high risk of such an attack. Now that a new malware programme has been identified, posing serious attacks on our websites, the need of the hour is to thwart all types of potential attacks.Not that our public and private banks haven't been alerted by security authorities, but their lackadaisical response to cyber threat is rather astonishing. The point, however, motives behind these hacking attempts are not purely financial. The threat actor's motives behind such campaigns are to spread their botnet attacks within Bangladesh -- and possibly to tweak for espionage rather than purely from breaching accounts for financial gains. However, the threats are serious and can result in significant data breach or heavy financial loss.It is pressing for the government and the private sector to team up and re-evaluate the country's preparedness for basic cyber-attacks and boost up their efforts in managing cybercrimes and major crises. At the same time we are making an urgent call to Bangladesh Bank, BTRC and all other relevant bodies to take appropriate measures. Malware is spreading fast in Bangladeshi network; all our local cyber entities need to be cautious about it. Procrastination in making a quick move would only worsen the latest malware threat.