Cyber attack: various organisations take precautions to counter threat

Different government organisations and private banks have taken precautionary measures after a group of hackers threatened a ‘storm' of cyber-attacks in Bangladeshi cyberspace.

Some of the organisations have sought assistance from the Information and Communication Technology (ICT) ministry to parry the cyber-attack while some others formed cyber security teams.

At least three organisations have already confirmed that they formed Computer Emergency Response Team (CERT). The organisations are election commission, Ganabhaban and Titas Gas Transmission and Distribution Company.

Titas’ general manager (ICT) Md Tariq Anis Khan told Prothom Alo that they formed CERT and informed the ICT department. It also informed the ICT division what assistance they need.

Bangladesh e-Government Computer Incident Response Team (BGD e-GOVT CIRT) on 3 August in a press release said that a group of hackers, identifying themselves as ‘Hacktivist’ issued a warning that the cyberspace of Bangladesh would be attacked on 15 August. The hackers said they would target cyberspace of Bangladesh and Pakistan. The hackers claimed themselves to be Indian.

Meanwhile ICT division sources said although the group threatened ‘storm of cyber-attacks’, there might not even be any attack. The possibility of attack cannot also be ruled out. That is why the organisations of Bangladesh have to remain alert.

ICT divisions on 9 August held a meeting with 29 organisations known as 'critical information infrastructure' in the wake of the threat of cyber-attacks and data leak from registrar general office of birth and death registration. The organisations were instructed to assess their cyber security lapses.

The organisations in the meeting said they don’t have IT-related skilled manpower. They sought assistance from the ICT department in this regard. According to sources the ICT division said it is difficult to conduct a vulnerability assessment in every aspect. The ICT division asked the organisations to hold a vulnerability assessment audit by private organisations and send reports.

According to the "Bangladesh Cyber Threat Landscape Report 2022" from BGD e-GOVT CIRT, 91.6 percent of cyberattacks or attempted attacks result from weak infrastructure. Nevertheless, the ICT division stated that an audit by any private organization should consider IT efficiency and national security concerns. 

Bangladesh Bank on 10 issued 11-point directives to all banks and financial institutions after the threat by hackers.

Digital Security Agency director general Abu Sayeed Mohammad Kamruzzaman told Prothom Alo that they have alerted everybody and instructed all organisations to follow safety measures.

Meanwhile, after the cyber attacks many websites in the country have been victims of DDoS (Distributed Denial of Service) attack. In a DDoS attack, a website is kept so busy that others can’t access it.

Hacker groups claiming to be from Bangladesh, India and Pakistan have been issuing threats and attacks for some time. Even last night, hackers from these three countries tried to attack and counter-attack.

Group-IB, a cyber security organisation from Singapore, mentioned a hacking group named ‘Mysterious Team Bangladesh’ in a blog on its website. In the blog, it said that the group was formed in 2020. They came under spotlight after committing cyber attacks in multiple countries in 2022. They targeted governments, financial institutes and transport sectors.

It also said that Mysterious Team Bangladesh has done more than 750 DDoS attacks since June of 2022. They have hacked 78 websites.
When asked about Mysterious Team Bangladesh, BGD e-Gov CIRT director Saiful Alam Khan told Prothom Alo, the hackers could be falsely impersonating as Bangladeshis. These hackers don’t work for a country. They do these things to show off their ‘capabilities’, he said.

Saiful also said, after they issued the situational alert, many important information infrastructures and government organisation asked for advice from CIRT. Many organisations have also approached them to test their weak points in the IT sector.

The government organisations are known for not paying much importance to cyber security. On 9 July, state minister for ICT Junaid Ahmed spoke about the security issues of government organisations, saying when the organisations listed as important information infrastructures are contacted through emails, they do not reply or follow proper instructions.

In BGD e-Gov CIRT’s ‘Bangladesh Cyber Threat Landscape Report-2022’ – it was said that 91.06 per cent of cyber-attacks in the country takes place due to poor infrastructure.

ICT expert Sumon Ahmed told Prothom Alo, hacker groups are active in almost all countries. They cause problems at times. One shouldn’t panic because of this nor should they completely ignore it, he advised.

In such situations, the only options are to gain more skill and remain vigilant, he concluded.