The central bank has issued 11-point instructions to all banks and financial institutions of the country to avoid the risk of cyber attacks. On Thursday (August 10), Bangladesh Bank issued instructions in this regard to the institutions.
Recently, a group of hackers has threatened to attack the cyber world of Bangladesh. August 15 has been mentioned as the possible date of the attack.
In this context, on August 7, a press release from the Government’s Computer Incident Response Team (BGD e-Gov Cert) issued a warning about cyber security.
According to the circular, cyber attacks can disrupt operations of state critical information infrastructure (CII), banks, financial institutions, healthcare and government and private institutions. All concerned organizations should be prepared to prevent small or medium cyber attacks.
Among the guidelines given by Bangladesh Bank to avoid the risk of cyber attacks, it is noteworthy to monitor the network infrastructure 24 hours, especially outside the office hours, and to keep an eye on whether someone is removing information or not. Access to various websites should be controlled to minimize cyber attacks. Apart from this, the latest guidelines of the Open Web Application Security Project (OWASP) should be followed to strengthen the security system in addition to taking various measures to detect insecure activities on the network.BGD E-Gov Cert mentions some of the recent notable cyber attacks targeting Bangladesh. These include a hacker group claiming a cyber attack on payment gateways, law enforcement agencies and the banking sector in Bangladesh on August 1. Also, on July 3, a hacker group claimed that they had attacked Bangladeshi transport services for an hour. On June 27, a hacker group defaced the website of a government college in Bangladesh and released a sample of their work. The same was done on the site of a health sector organization on June 24. Cert has given some suggestions to ensure the security of the infrastructure of the concerned organizations to avoid cyber attacks. They are deploying firewalls to analyze incoming HTTP/HTTPS traffic and filter out malicious requests and traffic patterns. Protecting important services like DNS, NTP and Network Middle Box. Validating user input. Backing up the website. Implementing HTTPS on websites with SSL/TLS encryption. Using updated technology and reporting anything suspicious to BGD e-Gov Cert.