‘Bangladesh's cyber resilience still at emerging stage rather a mature one’

How has the global cyber threat landscape changed over the past five years?

Over the last five years, the global cyber threat landscape has changed in quite significant ways.

Vulnerabilities are being discovered faster than ever, and more of them are being exploited very quickly after discovery, leading to a sharp acceleration of threats.

We are also seeing the rise of residential proxy networks, where consumer devices are being compromised at scale.

This often happens through supply chain attacks, where equipment reaches the end user already pre-infected with malware.

We also see cases where users are enticed by offers such as low-cost access to premium television services if they install certain applications — applications that frequently turn out to be malicious.

There has been a considerable rise in the residential proxy landscape in general.

More recently, AI has further accelerated the entire attack process, as it makes automation easier than ever before.

What are the biggest cybersecurity threats that governments and organizations should prepare for over the next five years?

The biggest threat is, essentially, easy remote code execution vulnerabilities in exposed digital assets.

This is an area where actual attacks are accelerating very rapidly. Services and applications exposed to the internet are often reverse-engineered by malicious actors to discover vulnerabilities that nobody else has identified yet — essentially zero-days — which are then automatically exploited from outside.

Are cyberattacks becoming more sophisticated because of AI? How concerned should we be?

I do not think attacks are becoming more sophisticated because of AI — at least, that has not happened yet.

What AI does is lower the barrier to entry for executing a wide range of standard attacks that would otherwise still occur without it.

AI makes those attacks more accessible, easier to carry out, and highly scalable.

The real issue right now is not an increase in sophistication; it is the automation of simpler, standard attacks at unprecedented scale.

What is the mission of the Shadowserver Foundation, and how does it contribute to global cybersecurity?

The mission of the Shadowserver Foundation is to make the internet more secure for everyone.

We do this by collecting threat intelligence on a massive, planetary scale and automatically sharing it with affected parties. We act as a data pipeline — a large-scale collection and distribution project.

Our goal is to gather data on emerging threats, critical vulnerabilities, and active compromises, then share it directly with internet defenders worldwide in a responsible manner.

This makes us the largest distribution mechanism for this type of information on the planet. It is provided entirely for free, which is a distinctive aspect of what we do.

Can you share a recent success story where your organization's work helped prevent or minimize a major cyber threat?

We work closely with law enforcement and industry to disrupt threats on a continuous basis.

Most recently, we have been collaborating with organizations such as Europol and the FBI to disrupt cybercriminal operations.

This includes our involvement in Operation Endgame, where we helped dismantle threats like SocGholish, which compromises legitimate websites, such as WordPress sites and injects malicious code into them to infect visitors, and information-stealers like StealC.

We also disrupted malware dropper infrastructure, such as SmokeLoader.

In the private sector, we recently worked with Google and HUMAN Security to disrupt BadBox 2.0, a major residential proxy threat that had infected nearly 10 million users worldwide.

How would you assess Bangladesh's current cybersecurity preparedness, and what are the most common threats targeting countries like Bangladesh?

Coming to this conference, it is clear that Bangladesh has a tremendous amount of individual talent.

However, the organization of collective cyber defence — specifically, collaboration between government, industry, and wider private partnerships — is an area that still requires significant work.

Bangladesh's cyber resilience is at an emerging stage rather than an advanced or mature one.

In terms of the most common threats, there are two sides to consider.

For individual consumers, the primary threat comes from digital scams aimed at stealing money.

For critical infrastructure and government, the threat is more closely tied to ransomware and state-sponsored actors capable of penetrating networks to deploy ransomware, steal sensitive financial information, or conduct long-term espionage.

Which sectors in Bangladesh need the most urgent cybersecurity improvements?

There is clearly significant work to be done on government networks and critical infrastructure security.

However, based on my broader experience across the region and around the world, I believe healthcare is traditionally the sector handling the most sensitive data — highly confidential patient information — with near-zero resources to secure it.

While national focus in Bangladesh tends to concentrate on other major sectors, healthcare remains heavily underserved.

If I had to identify which sector is currently the easiest to attack due to this gap, it would be healthcare.

What steps should Bangladesh take over the next five years to strengthen its cyber resilience?

It is essential for the government to collaborate closely with the private sector, as private entities are typically the ones owning and operating actual networks.

Establishing an equitable relationship built on transparent information sharing and coordinated defence is critical.

Without that level of synergy, achieving true systemic resilience is not possible.

Ultimately, this will require a fundamental shift in mindset within Bangladesh to ensure the necessary foundations of institutional trust are firmly established.

Bangladesh has a growing number of young IT professionals. What skills should they develop to compete in the global cybersecurity industry?

The core focus must be on developing skilled engineers who truly understand cybersecurity from the ground up.

Too often, cybersecurity is commercialized with the false promise that purchasing a software tool and clicking a few buttons will make everything secure. That is simply not the case.

We need to nurture talent that deeply understands how the internet, networks, and systems function at a fundamental level.

Once you master how things work at their core, you can naturally adapt to new and evolving threats as they emerge.

Youth-led networks and organizations like Team Phoenix can make a significant contribution here by organising hackathons, Capture the Flag (CTF) competitions, and similar events where people gain hands-on cybersecurity experience rather than simply learning through presentations.

How important is international collaboration in responding to cyber threats?

It is critical. Cybercrime has no borders — virtually no modern cyberattack remains confined within a single country.

Without active collaboration and trusted relationships with the rest of the world, it becomes extremely difficult to respond effectively to threats.

This collaboration must extend beyond governments to include the private sector, as many companies play a vital role in cybersecurity.

National cyber authorities, including a country's national CSIRT, must cultivate these global connections. True cyber resilience can only be achieved by working collectively — nationally with everyone at home, and internationally with stakeholders worldwide.