Bangladeshi Banks Are Not Properly Cyber Secure

Uploaded on 2020-10-13 in FREE TO VIEW, BUSINESS-Services-Financial

Many countries have cyber banking security problems and one recent example is in Bangladesh, where the national Bangladesh Bank has warned all banks about new cyber attacks from N. Korean hacking groups. These hackers have resumed targeting banks worldwide through the use of fraudulent international money transfers and ATM cash-outs.

It is believed that the North Korean hackers were responsible for stealing $81 million from the central Bangladesh Bank in 2016, and have engaged in fraudulent ATM cash-outs affecting upwards of 30 countries in a single incident. The Bangladesh National Computer Incident Response Team (CIRT)  believe the North Korean Hacker group’s ‘Beagle Boys’, were attempting to attack the country’s banking establishments.

Many Bangladeshi banks have now their restricted their ATMs, cards and online transactions and strengthened their security measures after the cyber alert.  However, most banks in the country have no updates or new strategies to counter hackers. They need better security structures for online transactions and lack of cyber security skills.

These issues were raised by Tanvir Hassan Zoha, Cyber security researcher and Managing Director of  Backdoor Private Ltd  at a recent event called ‘Behind ATM Hacking’ held at the Economic Reporters’ Forum (ERF) held in the nation's capital, Dhaka.  Zoha says  that  network systems of many financial institutions in Bangladesh, including banks, are unknowingly infected with malware. 

From August 27 most Bangladeshi banks have restricted their ATMs, cards and online transactions and strengthened their security measures to avoid the risk of being hacked following an alert issues by the national Bangladesh Bank and a number of local banks are yet to fully reinstate their ATM, credit card and online transaction services even after the Bangladesh Bank withdrew the alert.

Even though many Bangladeshi banks have increased their cyber security, still the skills and security investment is lacking.

Zoha said banks should be more aware of local hackers as a threat to the banking system and recommends that banks quickly identify the areas of weakness in their systems, enhance monitoring over networking of banks, create awareness, arrange practical trainings on cyber security and should file prosecutions against known hackers. 

The Bangladesh Bank has issued several alerts to all banks about possible cyber attacks in the past year past and the larger commercial banks are though to be taking precautionary measures about the online transactions whist the central bank is also monitoring foreign currency transactions.

Dhaka Tribune:     Business Standard:      Daily Observer:       Prothomalo:

You Might Also Read: 

Analysts Detect New Bank Malware:

 

« Cyber Security For Business Leaders
The Software Industry Delivers Appliances With Known Vulnerabilities »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Boxcryptor

Boxcryptor

Boxcryptor encrypts your sensitive files before uploading them to cloud storage services.

Phirelight Security Solutions

Phirelight Security Solutions

Phirelight empowers an enterprise to easily understand how their networks behave, while at the same time assessing and managing cyber threats in real time.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

Micro Strategies Inc.

Micro Strategies Inc.

Micro Strategies provides IT solutions that help businesses tackle digital transformation in style.

SafeHouse Technologies

SafeHouse Technologies

SafeHouse is a cloud-based, high-end cybersecurity platform that can secure and insure any device that is connected to it.

Towerwall

Towerwall

Towerwall offers a comprehensive suite of security services and solutions using best-of-breed tools and information security services.

ITSEC Asia

ITSEC Asia

ITSEC Asia works to effectively reduce exposure to information security threats and improve the effectiveness of its clients' information security management systems.

CERT.JE

CERT.JE

CERT.JE is responsible for promoting and improving the cyber resilience across the critical national infrastructure, business communities and citizens in Jersey.

Hush

Hush

Hush is a premium privacy service that gives people unprecedented visibility and control of their digital footprint. Hush assesses threats, and goes to work to eliminate digital risks on your behalf.

CommandK

CommandK

CommandK provides companies with infrastructure to protect their sensitive data. Built-in solutions to prevent data-leaks and simplify governance.

Dotsquares

Dotsquares

Dotsquares leverage the latest web and mobile technologies to build, grow and support your business.

CarbonHelix

CarbonHelix

CarbonHelix provides cybersecurity services from US-based security operations centers that meet the highest compliance requirements.

OOKOS

OOKOS

OOKOS was founded in 2023 by a team of cybersecurity veterans who recognized that traditional security models were failing to keep pace with evolving threats.

Brava

Brava

Brava is your trusted Business Communications and Solutions partner serving the Caribbean and Atlantic region.

Scalefusion

Scalefusion

Scalefusion provides a comprehensive suite of products engineered to simplify endpoint, user, and access management for IT teams.

Forrit

Forrit

Forrit is the secure and scalable Content Management System (CMS) built specifically for large enterprises in highly regulated sectors.