Internet domain .bd vulnerable to hacking

The public domain for internet in Bangladesh is vulnerable to hacking as it has neither a robust security system, nor a mirror server and is running on an outdated version.
Bangladesh's own internet country code top-level domain -- .bd -- is one of the worst managed domains, experts said. A country code top-level domain is a unique two-letter string that has been assigned to a country or a geographical area to identify it in a domain name. A domain name uniquely identifies a site on the internet.
The government declared a plan to launch another operation for a domain for websites in the Bangla language in 2011, but that did not happen either.
Bangladesh's domain was launched in 1999; the software was never upgraded after that.
“There is still scope to work on the domain,” said Mahfuz Uddin Ahmad, managing director of state-owned Bangladesh Telecommunications Company Ltd (BTCL) that operates the domain system.
The software that operates the server is still on the 4.8 version, but the 9.9.5 version is currently being used for the same service globally.
Sumon Ahmed Sabir, an IT expert, said Bangladesh's country code domain often does not support the service. “The domain is vulnerable to risks. It has no modern security system and one can easily hack the domain.”
All the domains globally have migrated to IPV6—a version where billions of IP addresses can be opened—but Bangladesh fell behind.
The .bd DNS (domain name system) is still in service with IPV4, which has limited IP address access.
The Bangladesh domain is not digitally signed yet, said a director of Bangladesh Telecommunication Regulatory Commission, seeking anonymity. “So, the public web portals can be hacked easily.”
Two years ago, the regulator recommended handing over the system to a private operator or entity, but the telecom ministry had refused the proposal, the official said.
Most local content providers do not use the system due to the lack of security and prefer to use foreign domains, which drains foreign currency, the director added.
If the server had been equipped enough, local companies would have used the country domain, a good source of income, said the BTRC official.
Mustafa Jabbar, a former president of Bangladesh Computer Samity, the national association of ICT companies, said: “You cannot register any site from your home or office using the online payment system, as it is still traditional.” Bureaucracy is a great obstacle to business, he said. “We should have a huge number of domain names on our own server, but that did not happen as people are unwilling due to the problems in its management.”
If the country had a Bangla domain name system, then the rural population could use websites in their mother language, he added.
“We could have searched our institutions' names in Bangla, but that did not happen in the last three years.”
AKM Fahim Masroor, former president of Bangladesh Association of Software and Information Services, an ICT trade body, said: “We are not interested in the local domain service for security reasons.”
The domain should be operated professionally, said Masroor, also managing director of Bdjobs.com, a job site.