Banks in Bangladesh need to adopt advanced cyber security systems in line with the regulatory guidelines in order to allay concerns that the country's banking industry dangerously lags behind in this regard, experts said yesterday.
All local lenders as well as Bangladesh Bank need to reinforce their efforts to build a skilled workforce that can deal with modern technologies and deliver appropriate services to protect the banking sector from cyberattacks, they said.
There are hackers that attempt to steal money from personal accounts by using malware and ransomware, they added.
These views were exchanged during a seminar on the 'Security Operations Centre (SOC)', organised by Backdoor Private, a Dhaka-based cyber security firm.
The central bank issued a circular a long time ago, asking all lenders to install the SOC to secure their systems but despite repeated warnings, the response has been lukewarm, according to Debdulal Roy, executive director of Bangladesh Bank.
"As far as I know, only three banks have installed the SOC but I am not sure if they are being run properly. This situation is very unfortunate," he said.
"We are doing our part but issuing orders is not enough, the banks should come forward to execute these decisions," Roy added.
Tanvir Hassan Zoha, managing director of Backdoor Private, presented the keynote paper, where he explained why the country's banking sector remains vulnerable to hacking from both local and international criminals.
Referring to the recent alert regarding the possible hacking attempt on the country's ATM system, Zoha said that the authorities and investigators should not solely focus on the so-called 'international hackers' since it is equally important to deal with the domestic ones.
A lot of sensitive banking information is available on the darkweb, which is monitored by local hackers as preparation for cyberattacks.
"This is dangerous and so, we must protect the customers and the bank's system," Zoha added.
Banks in the country are eager to secure their data but many are reluctant to spend the vast amounts of money required for an advanced system, said Abul Kashem, an adviser to Backdoor Private.
"But lenders need to respond fast and install modern technology, create the right manpower and engage experts," said Kashem, also a former deputy governor of Bangladesh Bank.
Arpita Chowdhury, a lawyer and legal adviser to Backdoor Private, said cybercrime is a non-bailable offence but in the absence of proper evidence gathering and investigation, any incident of hacking could go unpunished.
"We are doing well so far, but challenges still remain. The overall banking sector wants to secure their system, but many do not want to invest adequately," said AYM Mostafa, chief technical officer of Prime Bank.
"When Bangladesh Bank issued the circular, we took it very seriously. Unfortunately though, we did not get enough guidelines on how to do or where the required manpower would come from and how the procedures would be implemented," said Anisur Rahman, head of IT at City Bank.
Abul Kalam Azad, CEO of Backdoor Private, also spoke at the event.