A group of hackers have threatened a ‘storm' of cyber-attacks in Bangladeshi cyberspace. The hackers set 15 August as probable date to hit the cyberspace of the country. Bangladesh e-Government Computer Incident Response Team (BGD e-GOVT CIRT) has issued an alert in the wake of the threat.
BGD e-GOVT CIRT on Friday issued a press release of the warning undersigned by the project’s director Mohammad Saiful Alam Khan. The press release says a group of hackers on 31 July issued warning that the cyberspace of Bangladesh would be attacked on 15 August.
“Bangladesh Government's Computer Incident Response Team (BGD e-GOV CIRT) is releasing this alert to warn critical information infrastructures (CII), banks and financial institutions, health care and all sorts of government and private organizations of the possible conducted cyber-attacks by the groups that may disrupt IT operations and businesses. All organisations are advised to be on alert for small to medium-scale cyber-attacks originating from the subject hacktivist groups and to take the required precautions to protect their infrastructures,” the press release reads.
The press release said the hackers identify themselves as ‘Hacktivist’ and have been targeting Bangladesh and Pakistan. BGD e-GOVT CIRT said it, in a recent research, identified several similar group of hackers who attack sites of Bangladeshi organisations frequently.
The screenshot provided by the BGD e-GOVT CIRT in the press release shows that the hackers claimed themselves to be Indian.
BGD e-GOVT CIRT mentions some of the recent notable cyber-attacks targeting Bangladesh. These include a hacker group claiming a cyber-attack on payment gateways, law enforcement agencies and the banking sector in Bangladesh on 1 August. . On 3 July, a hacker group claimed a Distributed Denial-of-Service (DDoS) attack on Bangladeshi transportation service making the website unavailable for an hour. Also, on July 3, a hacker group claimed that they had attacked Bangladeshi transport services for 1 hour. On 27 June, a hacker group defaced the website of a Bangladesh government college and shared a web archive supporting their claims. The similar thing was done on the site of a health sector organisation on 24 June.
CIRT requested all organisations in Bangladesh to take the following measures to ensure their infrastructures’ security: Ensure strict network and user activity monitoring 24/7, especially during non-office hours, and watch out for any indication of data exfiltration; ensure implementing load balancer solutions to ensure that no single server is overwhelmed during an attack, deploy a Web Application Firewall to analyze incoming HTTP/HTTPS traffic and filter out malicious requests and traffic patterns commonly associated with DDoS attacks; ensure vital services such as DNS, NTP as well as network middleboxes are securely configured and are not exposed on the internet; validate and sanitize all user input to prevent malicious code injection (e.g., SQL injection, Cross-Site Scripting) that could lead to web defacement; perform regular backups of your website's content and database, enforce HTTPS on your website with SSL/TLS encryption; keep all web server software, content management systems (CMS), plugins, and other software components up-to-date with the latest security patches; configure and harden web application as per OWASP guideline and report or inform BGD e-GOV CIRT regarding the detection of IOCs and/ or any suspicious activities you observe within your environment.