Friday, June 14, 2024


Dhaka Tribune

Bangladeshi banks are at high risk of cyber attacks

A BIBM report based on 2020 banking sector said that 52% banks were at grave risk of cyber attacks

Update : 18 Sep 2022, 04:45 PM

A number of both local public and private banks currently risk cyber attacks mainly for their indifference and fragile cyber-security systems, prompting experts to suggest immediate action.

Stakeholders and experts said that a large percentage of banks were not taking enough precautionary measures to fend off the possible attacks, and avert bigger financial loss, which they deemed imminent.

The malicious actors behind such trans-border invasion include not only increasingly daring criminals-such as the Carbanak group, which targeted financial institutions to steal more than $1 billion during 2013-18 period-but also states and state-sponsored criminal gangland, according to a 2021 report published by the International Monetary Fund (IMF.)

In June 2022, the Bangladesh Institute of Bank Management (BIBM) conducted a study based on the situation of the banking sector as of 2020 which found nearly 52% of banks at grave risk of cyber attacks.

In April 2020, the Financial Stability Board (FSB) warned that "a major cyber incident, if not properly contained, could seriously disrupt financial systems, including critical financial infrastructure, leading to broader financial stability implications."

In March 2016, the Bangladesh Bank issued a guideline asking the banks to boost their cybersecurity capabilities after the bank's never-seen-before type of orchestrated reserve heist.

The regulator also had directed them to form a security operation centre (SOC) to oversee security measures round the clock.

But most banks have yet to install SOCs, sources added, leaving such vigil a far cry.

With this phenomenon in view, experts also sought regulator's heightened measures to strengthen the enfeeble cybersecurity scenario in Bangladesh's banking sector, stressing the banks' need to build their employees' capacity and enhance logistics support for the security shield .

Saying those financial institutions (FIs), particularly banks, most desirable target to cybercriminals, the state-run Bangladesh e-Government Computer Incident Response Team (BGD e-Gov CIRT) made a shocking disclosure, that about 99% of both private and public banks suffered major cyber attacks very recently.

The report, titled "Sectoral Cyber Threat Intelligence for Banking Industries," also identified that most users of banking applications and portals (both internal and external) were not properly aware of cyber- hygiene.

The research also finds insecure uses and/or access of internal application/portal by the employees' mobile devices may raise risk of exposure of organizations' critical assets.

In 75% cases, credential stealing is possible due to insecure uses of mobile or computing devices, it said.

In another report styled Common Vulnerabilities in Cyber Space of Bangladesh, it says the vulnerability level of cyberspace is increasing day by day in the country.

Nearly 70% of the attacks on financial institutions targeted banks, Research by IBM X-Force says, adding that some 16% targeted insurance companies while 14% targeted other financial institutions in 2021.

The Intelligence unit of BGD e-GOV CIRT has also found that managed applications/ devices by vendors influence a great exposure of organizations' assets.

It also detected that enforcement of strong password policy was absent from many banking applications and portals.

Top Brokers


Popular Links