
Cybersecurity alert

Hackers out to hit BD, Pak cyberspace

CII, banks, FIs and healthcare systems major targets


A cybersecurity alert was issued on Friday after a group of hackers, calling themselves hacktivists from India, threatened to attack the cyberspace of Bangladesh and Pakistan in mid-August.

The hacktivists cited August 15, the National Mourning Day, as the date for their possible attack, according to the Bangladesh Government's Computer Incident Response Team (BGD e-GOV CIRT) that issued the alert.

The government's cyber-response agency warned of potential cyberattacks on critical information infrastructure (CII), banks and financial institutions, healthcare and all types of government and private organisations.

It also advised them to take precautionary measures to protect their own infrastructure.

Recent CIRT research found that several hacker groups, influenced by similar ideology, have been conducting regular cyberattacks on various organisations in Bangladesh, affecting their operations and businesses.

Possible cyberattacks may disrupt IT operations and businesses, according to the cyber-response team.

The ICT Division recently listed 29 government institutions as CII, including the President's Office, the Prime Minister's Office, the Bangladesh Bank and the National Board of Revenue.

According to a screenshot the CIRT provided in its report, the threat actors claimed to be an Indian hacker group and declared that they would attack organisations based in Pakistan and Bangladesh on August 15.

The groups' primary attack tactics include Distributed Denial-of-Service (DDoS) attacks, website defacements, website compromise, and the use of malicious PHP shells as backdoors to drop payloads.

Their top targets include government, military and law-enforcement agencies, bank and non-bank financial institutions, pharmaceuticals, retail and industrial organisations, energy and education sectors.

Talking to the FE, Md Mushfiqur Rahman, chief information technology officer at First Security Islami Bank Ltd, said CII outlets should configure their system weaknesses first to avert potential threats.

He called for taking immediate action in line with the problems detected, also suggesting that anti-DDoS measures be taken.

The organisations concerned must follow the CIRT guidelines given at different times to safeguard themselves from threats, he said.

He also emphasised data backup to minimise the loss.

"We need to configure and harden web applications as per the Open Worldwide Application Security Project (OWASP) guideline, a non-profit foundation dedicated to improving software security."

People with adequate technological expertise in security should be kept in place as such threats are increasing day by day, suggested Mr Rahman.

Tarique M Barkatullah, former director, National Data Centre at Bangladesh Computer Council, said some people, involved in anti-Bangladesh activities, remain busy tarnishing the "image of our different national special days".

The organisations concerned, including CII, should keep their vigilance in place round the clock, he added.

Engr Mohammad Saiful Alam Khan, project director, BGD e-GOV CIRT, urged the organisations concerned to ensure strict network and user activity monitoring 24/7, especially during non-office hours, and to watch out for any indication of data exfiltration.

He also accentuated the importance of load balancer solutions to ensure that no single server gets overwhelmed during an attack.

"We should deploy a web application firewall to analyse incoming HTTP/HTTPS traffic and filter out malicious requests and traffic patterns commonly associated with DDoS attacks," added Mr Khan.

JUN-AUG TIMELINE

On 01 August 2023, a hacker group claimed a cyberattack on a payment gateway, law-enforcement and banking organisations in Bangladesh.

On 03 July 2023, a hacker group claimed a DDoS attack on a Bangladeshi transport service for one hour, making its website unavailable for the time mentioned.

On June 27, a hacker group defaced the website of a Bangladesh government college and shared a web archive supporting their claims.

On June 24, a hacker group defaced the website of a Bangladesh health organization and shared a web archive supporting their claims.

On June 21, the group claimed a DDoS attack on the website of Bangladeshi military organisations.

On June 20, it claimed to have compromised Bangladesh's state-owned investment company and exfiltrated data of over 100,000 investors and investment applicants.

The threat group shared a single screenshot as proof of its compromise and planned to release the data after successful exfiltration.
