Hackers want $5m for Biman data
Hackers are demanding $5 million in ransom for restoring Biman's access to its server.
The national carrier has approximately four days' to comply or else the hackers would make public about 100GB of data, which include passport details of passengers, employees, and reports on other carriers.
The data the hackers are threatening to make public also includes flight, cargo, and crew information of all flights.
Biman and aviation insiders furnished this paper with documents stating these.
The ransomware continuously changes its identifiable traits which made IT experts unable to isolate it or find out the people behind the attack, sources said.
The attackers also have claimed to have access to Biman's software for human resource management, financial resource management, and enterprise resource planning. The software are integrated into other systems, including planning, finance, and inventory keeping, they added.
The hackers also claimed to have access to "Bimanprod, BGDBF, and Ctrain" databases, the natures of which this newspaper could not verify, they said.
The attackers said they would provide the key to decrypt all data once they are paid, highly-placed sources in the aviation industry told The Daily Star.
However, Biman's Managing Director Shafiul Azam said no data has been stolen and that the hackers have not demanded any ransom.
Biman sent a press release yesterday claiming that the media has been publishing "confusing" information about the hacking.
Biman Bangladesh Airlines was declared a critical information infrastructure in October of last year.
"The malware used for attacking Biman's email server is called zero-day attack, which the IT officials and investigating officials of Digital Security Agency have not seen before," a Biman official told The Daily Star.
A "zero-day" attack refers to an attack taking advantage of a vulnerability that was not known before, leaving IT engineers and experts zero days to prepare.
However, sources in a government agency told The Daily Star that Biman had been asked to patch this vulnerability twice in 2022.
Biman was attacked by malware in 2022.
Biman in its press statement yesterday claimed that email IDs related to aircraft operations were restored via Microsoft cloud services and alternative arrangements.
It said on Saturday that a number of computers and servers were attacked the servers concerned were isolated and email service was halted.
It also said steps were being taken in light of the technical guidelines issued by the Digital Security Agency as Biman is a critical infrastructure.
After the hack, the national carrier could not correspond with any domestic or international outposts with its official email.