Bangladeshi Banks Are Not Properly Cyber Secure

Uploaded on 2020-10-13 in FREE TO VIEW, BUSINESS-Services-Financial

Many countries have cyber banking security problems and one recent example is in Bangladesh, where the national Bangladesh Bank has warned all banks about new cyber attacks from N. Korean hacking groups. These hackers have resumed targeting banks worldwide through the use of fraudulent international money transfers and ATM cash-outs.

It is believed that the North Korean hackers were responsible for stealing $81 million from the central Bangladesh Bank in 2016, and have engaged in fraudulent ATM cash-outs affecting upwards of 30 countries in a single incident. The Bangladesh National Computer Incident Response Team (CIRT)  believe the North Korean Hacker group’s ‘Beagle Boys’, were attempting to attack the country’s banking establishments.

Many Bangladeshi banks have now their restricted their ATMs, cards and online transactions and strengthened their security measures after the cyber alert.  However, most banks in the country have no updates or new strategies to counter hackers. They need better security structures for online transactions and lack of cyber security skills.

These issues were raised by Tanvir Hassan Zoha, Cyber security researcher and Managing Director of  Backdoor Private Ltd  at a recent event called ‘Behind ATM Hacking’ held at the Economic Reporters’ Forum (ERF) held in the nation's capital, Dhaka.  Zoha says  that  network systems of many financial institutions in Bangladesh, including banks, are unknowingly infected with malware. 

From August 27 most Bangladeshi banks have restricted their ATMs, cards and online transactions and strengthened their security measures to avoid the risk of being hacked following an alert issues by the national Bangladesh Bank and a number of local banks are yet to fully reinstate their ATM, credit card and online transaction services even after the Bangladesh Bank withdrew the alert.

Even though many Bangladeshi banks have increased their cyber security, still the skills and security investment is lacking.

Zoha said banks should be more aware of local hackers as a threat to the banking system and recommends that banks quickly identify the areas of weakness in their systems, enhance monitoring over networking of banks, create awareness, arrange practical trainings on cyber security and should file prosecutions against known hackers. 

The Bangladesh Bank has issued several alerts to all banks about possible cyber attacks in the past year past and the larger commercial banks are though to be taking precautionary measures about the online transactions whist the central bank is also monitoring foreign currency transactions.

Dhaka Tribune:     Business Standard:      Daily Observer:       Prothomalo:

You Might Also Read: 

Analysts Detect New Bank Malware:

 

« Cyber Security For Business Leaders
The Software Industry Delivers Appliances With Known Vulnerabilities »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Onapsis

Onapsis

Onapsis is a pioneer in cybersecurity and compliance solutions for cloud and on-premise ERP and business-critical applications.

Telesoft Technologies

Telesoft Technologies

Telesoft Technologies is a global provider of cyber security, telecom and government infrastructure products and services.

MaskTech

MaskTech

MaskTech supplies highest security embedded chipsets, operating systems and related middleware for electronic identification cards, travel documents and authentication solutions.

Network Integrated Business Solutions (NIBS)

Network Integrated Business Solutions (NIBS)

NIBS is an IT services provider offering a range of services with the aim of simplifying and securing technology.

Tutamantic

Tutamantic

Tutamantic develops software that reduces security risks and weaknesses during the architectural and design stages.

Digital Management (DMI)

Digital Management (DMI)

DMI is a provider of mobile enterprise, business intelligence and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Swarmnetics

Swarmnetics

Swarmnetics helps customers discover hard-to-find software vulnerabilities by hacking your system before the bad guys do.

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

The NCTV serves the Netherlands’ national security. We protect national interests, identify threats and strengthen resilience.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

C2 Risk

C2 Risk

C2 Risk are focussed on risk analytics for information assurance, privacy and ESG (Environmental, Social, and Governance).

CyberSecureRIA

CyberSecureRIA

We founded CyberSecureRIA specifically to secure and support RIAs. We exist to secure SEC-registered RIAs, and keep them compliant with cybersecurity regulations.

AI Safety Institute (AISI)

AI Safety Institute (AISI)

The AI Safety Institute’s mission is to minimise surprise to the UK and humanity from rapid and unexpected advances in AI.

Cyberleaf

Cyberleaf

Cyberleaf is simplified managed cybersecurity for MSPs, enabling top tier cyber protection for small and medium enterprise.

Advania UK

Advania UK

Advania are one of Microsoft’s leading partners in the UK, specialising in Azure, Security, Dynamics 365 and Microsoft 365.

Graphiant

Graphiant

Graphiant’s Data Assurance service gives businesses end-to-end control and visibility into how data travels throughout the entire business network.