Bangladeshi Banks Are Not Properly Cyber Secure

Uploaded on 2020-10-13 in FREE TO VIEW, BUSINESS-Services-Financial

Many countries have cyber banking security problems and one recent example is in Bangladesh, where the national Bangladesh Bank has warned all banks about new cyber attacks from N. Korean hacking groups. These hackers have resumed targeting banks worldwide through the use of fraudulent international money transfers and ATM cash-outs.

It is believed that the North Korean hackers were responsible for stealing $81 million from the central Bangladesh Bank in 2016, and have engaged in fraudulent ATM cash-outs affecting upwards of 30 countries in a single incident. The Bangladesh National Computer Incident Response Team (CIRT)  believe the North Korean Hacker group’s ‘Beagle Boys’, were attempting to attack the country’s banking establishments.

Many Bangladeshi banks have now their restricted their ATMs, cards and online transactions and strengthened their security measures after the cyber alert.  However, most banks in the country have no updates or new strategies to counter hackers. They need better security structures for online transactions and lack of cyber security skills.

These issues were raised by Tanvir Hassan Zoha, Cyber security researcher and Managing Director of  Backdoor Private Ltd  at a recent event called ‘Behind ATM Hacking’ held at the Economic Reporters’ Forum (ERF) held in the nation's capital, Dhaka.  Zoha says  that  network systems of many financial institutions in Bangladesh, including banks, are unknowingly infected with malware. 

From August 27 most Bangladeshi banks have restricted their ATMs, cards and online transactions and strengthened their security measures to avoid the risk of being hacked following an alert issues by the national Bangladesh Bank and a number of local banks are yet to fully reinstate their ATM, credit card and online transaction services even after the Bangladesh Bank withdrew the alert.

Even though many Bangladeshi banks have increased their cyber security, still the skills and security investment is lacking.

Zoha said banks should be more aware of local hackers as a threat to the banking system and recommends that banks quickly identify the areas of weakness in their systems, enhance monitoring over networking of banks, create awareness, arrange practical trainings on cyber security and should file prosecutions against known hackers. 

The Bangladesh Bank has issued several alerts to all banks about possible cyber attacks in the past year past and the larger commercial banks are though to be taking precautionary measures about the online transactions whist the central bank is also monitoring foreign currency transactions.

Dhaka Tribune:     Business Standard:      Daily Observer:       Prothomalo:

You Might Also Read: 

Analysts Detect New Bank Malware:

 

« Cyber Security For Business Leaders
The Software Industry Delivers Appliances With Known Vulnerabilities »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

KnowBe4

KnowBe4

KnowBe4 is an integrated platform for security awareness training combined with simulated phishing attacks.

Cipher Security

Cipher Security

Cipher Security provides unique robustness tests and penetration tests, as well as customizable development services for vendors and providers.

Japan Network Security Association (JNSA)

Japan Network Security Association (JNSA)

JNSA's goal is to promote standardization related to network security and to contribute to greater technological standards in the field.

CyberCrowd

CyberCrowd

CyberCrowd is a cyber security specialist offering technical services, cyber security assessments, guidance and security thought leadership.

2Keys

2Keys

2Keys designs, deploys and operates Digital Identity Platforms and Cyber Security Platforms through Managed Service and Professional Service engagements.

GrrCON

GrrCON

GrrCON is an information security and hacking conference that provides the Midwest InfoSec community with a fun atmosphere to come together and engage with like minded people.

Cryptoloc

Cryptoloc

Cryptoloc's core business is developing solutions designed to protect businesses from all kinds of security threats using a unique patented cryptography.

CyberSheath Services International

CyberSheath Services International

CyberSheath integrates your compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and in fact might probably weaken your security posture.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

D2 Network Associates (D2NA)

D2 Network Associates (D2NA)

D2NA help businesses deliver and achieve their goals, through innovative IT solutions, robust cyber security services and proactive IT managed services.

Telstra

Telstra

Telstra is one of the world's leading telecommunications and technology companies, offering a wider range of services from networks and cloud solutions to mobility and enterprise collaboration tools.

Fusion Cyber

Fusion Cyber

Fusion Cyber educates students in Zero Trust Risk Management, Defense, and Cyber Offense that lead to taking industry-accepted cybersecurity certifications.

GrayHats

GrayHats

GrayHats is a platform-based cybersecurity company devoted to delivering comprehensive, scalable, and proactive protection for businesses in an ever-evolving threat landscape.

Crisis24

Crisis24

Crisis24 is a leading integrated risk management, crisis response, consulting, and global protective solutions firm.

Motive Managed Services

Motive Managed Services

Motive Managed Services take the complexity out of IT, Cybersecurity, and Network Operations, so you can focus on growing your business.

Sectricity

Sectricity

As independent ethical hackers, Sectricity go beyond traditional security, uncovering every vulnerability - testing both systems and employees to eliminate weak spots.