Computer Incident Response Team (BGD e-GOV CIRT) under the ICT division has issued a critical cybersecurity warning to safeguard the country’s digital landscape.
Various hacker collectives have declared their intention to carry out a sequence of cyber onslaughts on the nation's digital domain come August 15, the team said.
This announcement has spurred the government to issue a call for intensified watchfulness across critical information infrastructures (CII), banking establishments, financial organisations, healthcare establishments, as well as all governmental and private entities.
However, the BGD e-Gov CIRT is the state-run agency of the government responsible for maintaining cybersecurity in the country.
Government insiders said these hacker collectives have a precise focus on governmental and military entities, law enforcement agencies, both banking and non-banking financial entities, pharmaceutical corporations, retail and industrial establishments, along with the energy and education domains.
Identifying themselves as hacktivists, the groups have a notorious track record of targeting organisations in both Bangladesh and Pakistan, causing significant disruptions to operations and businesses.
They tend to employ preferred strategies such as conducting Distributed Denial-of-Service (DDoS) assaults, defacing websites, and utilizing malicious PHP shells as covert entry points to breach systems, cyber sources said.
Mentionable, the recent cyber incidents in Bangladesh encompass effective strikes on a payment gateway, law enforcement agencies, and banking institutions.
Additionally, the groups have claimed responsibility for DDoS attacks, website defacements targeting government colleges and health organisations, and disruptions to the website of Bangladeshi military organisations.
Of particular concern was an unsettling occurrence where the state-owned investment company fell victim to a breach, leading to the unauthorized extraction of confidential information belonging to more than 100,000 investors and applicants.
In light of these impending cyber threats, BGD e-GOV CIRT has issued a set of crucial security measures to protect organizations from potential attacks.
These measures include implementing strict network and user activity monitoring around the clock, deploying load balancer solutions to distribute incoming traffic evenly, and utilizing web application firewalls to detect and block malicious requests and DDoS attack patterns.
Furthermore, securing vital services, validating and sanitizing user input, maintaining regular backups, and enforcing HTTPS with SSL/TLS encryption are essential steps to safeguarding against potential cyber incidents.
The government emphasizes the importance of collaboration and cooperation from all stakeholders in ensuring the resilience of the country’s digital infrastructure.
By diligently following the provided security guidelines and remaining vigilant against cyber threats, organisations can better protect their critical information and contribute to the overall cybersecurity posture.
