Cyberattack alert for August 15

We must remain prepared to safeguard our organisations from cyberattacks

Published : 05 Aug 2023 07:54 PM

Some religious and ideologically motivated underground hacker groups have threatened to launch ‘a storm of cyber-attacks’ against Bangladesh cyberspace on 15th August, says Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT). The government’s CIRT on Friday issued an alert to Bangladeshi banks, financial institutions and other organisations over possible cyber-attacks on August 15.

Banks and financial institutions, healthcare and all sorts of government and private organisations must remain alert for small to medium-scale cyber-attacks originating from the hacktivist groups and take the required precautions to protect their infrastructures. These groups have been targeting organizations from Pakistan, and Bangladesh. The groups’ primary attack tactics are said to include Distributed Denial-of-Service (DDoS) attacks, website defacements, compromising the website and using malicious PHP shells as a backdoor to drop payloads.

The top targeted organisation types, according to CIRT, are Gov’t and Military, Law Enforcement Agencies, Banking and NBFI, Pharmaceuticals, Retail and Industrial Organisations, and Energy and education sectors. Therefore, all important organisations including information technology (IT) infrastructures will have to take proper measures 

Country’s all organisations especially

 banks will have to set up cybersecurity 

operation centres in line with the

 Bangladesh Bank directive to

 thwart large-scale cyberattacks

In computing, a denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. In the DDoS cyberattack, use of different types of internet packets including TCP Push Flood, UDP Flood, TCP RST flood, TCP SYN Flood, TCP Window Size flood, IP fragment flood were noticed.

All important information infrastructures will have to set limit of anti-DDoS protection threshold after updating or setting anti-DDoS hardware and software following digital security guidelines to keep safe all IT infrastructures. DDoS attacks are carried out with networks of Internet-connected machines, according to global network Cloudflare. In April 2021, country’s over 200 government and private organisations, including Bangladesh Telecommunication Regulatory Commission (BTRC), Bangladesh Bank, commercial banks, and internet service providers came under a severe cyberattack. The hackers might have stolen confidential information contained in emails during that time. Therefore, the hackers also may blackmail the organisations in the future.

There is possibility that the hacker group will continue launching attack on our government and private organisation including financial institutions. In this regard, the government must take proactive measures—including cyber resilience audits, secure-sourcing strategies and removing elements with vulnerabilities—to protect the government and private organisations including financial institutions’ systems, data, and customers. Country’s all organisations especially banks will have to set up cybersecurity operation centres in line with the Bangladesh Bank directive to thwart large-scale cyber-attacks. It has been noticed that cyberattack on financial institutions has grown significantly in recent years. For any business it is necessary to plan and apply security measures to guard their work and immobilise any attempt of a cyberattack.