The Financial Express

Malware found in BB server, again

BCC calls for remedies to thwart cyber attacks

Updated: March 31, 2020 13:39:46


The data server of Bangladesh Bank is again found to be at risk of cyber attack due to malware transmission, officials have said.

The Bangladesh Computer Council, or BCC, has warned the central bank of the possible risk.

"…the internet protocol used by the network of Bangladesh Bank is sending and receiving info to suspicious internet protocol infected with malware and botnet," BCC director Tarique M Barkatullah wrote in a recent letter to the central bank.

"We are drawing your attention to the identified risks and if measures are not taken, we are calling for necessary steps," he wrote to the executive director of Bangladesh Bank's ICT Infrastructure Maintenance and Management Department.

The council issued the warning based on monitoring reports between February 12 and March 8 this year.

Under a memorandum of understanding signed between the BCC and the central bank, the council installed a cyber sensor in the Bangladesh Bank's data centre.

The Bangladesh government's Computer Incident Response Team, which is acting as the National CIRT of Bangladesh (N-CIRT), monitors the cyber sensor installed in the data centre.

The team is responsible for receiving, reviewing, and responding to computer security incidents and activities.

Usually, such malware on the central server creates scope for hackers to intrude and steal data and money by placing fraudulent orders.

In March last year, the BCC had issued a similar warning asking the central bank authority to take measures to prevent possible cyber attacks.

In 2016, for the first time in the country's history, cyber fraudsters stole $101 million from the central bank's account with the New York Fed by gaining backdoor access to its network. After the incident, some $20 million could be recovered from the Philippines.

The BB sued Manila-based Rizal Commercial Banking Corporation (RCBC) last February to recover the heist funds.

But no more money has been recovered even after the case was filed.

In last year's report, the council had said the investigators found malware being downloaded on the server of the country's banking regulator.

They saw the web communication of the central bank's IP address with suspicious IP addresses located in the USA, Russia, Romania, the Netherlands, and Germany.

Those suspicious servers have been identified as ransomware infrastructure.

Hackers have paved a path for attacking the BB's server with ransomware because of some faults, they said.

The data on a server attacked by ransomware is encrypted by hackers demanding a ransom, the council officials said, adding that recovering the data remains a tough task even after making a payment.

Contacted over telephone on Sunday, BB executive director Muhammad Zakir Hasan told the FE that whenever they get any such information from the BCC, they take remedial measures to prevent hackers' intrusion or possible cyber attack.

"It's a regular process. The BCC monitors the server and we also do that," he said.

Asked whether the risks grew during the holidays, Mr Hasan said measures have been taken to cover all types of risks and banks have been given the required instructions.

"Appropriate measures are taken to reduce risks," he added.
