Bangladeshi Banks Are Not Properly Cyber Secure

Many countries have cyber banking security problems and one recent example is in Bangladesh, where the national Bangladesh Bank has warned all banks about new cyber attacks from N. Korean hacking groups. These hackers have resumed targeting banks worldwide through the use of fraudulent international money transfers and ATM cash-outs.

It is believed that the North Korean hackers were responsible for stealing $81 million from the central Bangladesh Bank in 2016, and have engaged in fraudulent ATM cash-outs affecting upwards of 30 countries in a single incident. The Bangladesh National Computer Incident Response Team (CIRT)  believe the North Korean Hacker group’s ‘Beagle Boys’, were attempting to attack the country’s banking establishments.

Many Bangladeshi banks have now their restricted their ATMs, cards and online transactions and strengthened their security measures after the cyber alert.  However, most banks in the country have no updates or new strategies to counter hackers. They need better security structures for online transactions and lack of cyber security skills.

These issues were raised by Tanvir Hassan Zoha, Cyber security researcher and Managing Director of  Backdoor Private Ltd  at a recent event called ‘Behind ATM Hacking’ held at the Economic Reporters’ Forum (ERF) held in the nation's capital, Dhaka.  Zoha says  that  network systems of many financial institutions in Bangladesh, including banks, are unknowingly infected with malware. 

From August 27 most Bangladeshi banks have restricted their ATMs, cards and online transactions and strengthened their security measures to avoid the risk of being hacked following an alert issues by the national Bangladesh Bank and a number of local banks are yet to fully reinstate their ATM, credit card and online transaction services even after the Bangladesh Bank withdrew the alert.

Even though many Bangladeshi banks have increased their cyber security, still the skills and security investment is lacking.

Zoha said banks should be more aware of local hackers as a threat to the banking system and recommends that banks quickly identify the areas of weakness in their systems, enhance monitoring over networking of banks, create awareness, arrange practical trainings on cyber security and should file prosecutions against known hackers. 

The Bangladesh Bank has issued several alerts to all banks about possible cyber attacks in the past year past and the larger commercial banks are though to be taking precautionary measures about the online transactions whist the central bank is also monitoring foreign currency transactions.

Dhaka Tribune:     Business Standard:      Daily Observer:       Prothomalo:

You Might Also Read: 

Analysts Detect New Bank Malware:

 

« Cyber Security For Business Leaders
The Software Industry Delivers Appliances With Known Vulnerabilities »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CIO

CIO

CIO provides technology and business leaders with insight and analysis on information technology trends

Gamma

Gamma

Gamma is a leading provider of Unified Communications as a Service (UCaaS) into the UK, Dutch, Spanish and German business markets.

Corero Network Security

Corero Network Security

Corero Network Security is dedicated to improving the security of the Internet through the deployment of its innovative DDoS & Network Security Solutions.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

Ipsidy

Ipsidy

Our identity platform enables mobile users to more easily authenticate their identity to a mobile phone or portable device of their choosing.

WeSecureApp (WSA)

WeSecureApp (WSA)

WeSecureApp is specialized in providing Cyber Security Solutions to safeguard your applications and networks.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Totalsec

Totalsec

Totalsec is a Grupo Salinas company with a team of professionals in cybersecurity and information security providing Security Consulting, Solutions Integration, and Managed Security Services.

KOS-CERT

KOS-CERT

KOS-CERT is the national Computer Incident Response Team for Kosovo.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

MicroEJ

MicroEJ

MicroEJ is a software vendor of cost-driven solutions for embedded and IoT devices.

Appgate

Appgate

Appgate is the secure access company. We empower how people work and connect by providing solutions purpose-built on Zero Trust security principles.

Stratus Technologies

Stratus Technologies

Edge Computing solves the inherent challenges of bandwidth, latency, and security at edge locations to enable IIoT devices and data acquisition.

Grindstone Ventures

Grindstone Ventures

Grindstone Ventures is a post-seed fund that supports post-seed equity and quasi-equity investments in early-stage innovation-driven and/or technology companies.

Winslow Technology Group (WTG)

Winslow Technology Group (WTG)

Winslow Technology Group is a leading provider of IT Solutions, Managed Services, and Cybersecurity Services dedicated to providing exceptional business outcomes for our customers since 2003.

Synergy ECP

Synergy ECP

Synergy ECP has a talented, dedicated staff to provide a broad range of services to the defense and intelligence industries.