Ransomware runs amok

Ransomware attacks on top corporations, telcos, and internet service providers leaked several hundred gigabytes of citizens' data, found the government's Computer Incident Response Team (CIRT).

Ransomware is a type of malware that accesses data and threatens to publish it, or permanently blocks access to it unless a ransom is paid. This ransom can go up to hundreds of thousands of dollars.

In a new report titled "Ransomware State of Bangladesh 2022", the e-GOV CIRT team named companies attacked in 2021.

"Although the countries in Asia Pacific constitutes only nine percent of the targeted countries for ransomware, Bangladesh could not evade the grip of such emerging threats," said the report.

None of the companies attacked by ransomware sought help from law enforcement agencies, or informed the government's CIRT team.

The report stated that Akij Group's file server was attacked by ransomware called Night Sky.

The CIRT report said the team got access to 47GB of mail server data including emails of all company directors over the last two years, 45GB of business system database data which includes company and customer data, 297 GB of file server data, 62 GB of personal computer backup files and others.

Beximco Group was attacked by a ransomware named ALTDOS which got access to "hundreds of gigabytes of files, source code and databases from 34 Beximco websites, including its telecom subsidy -- BOL-online.com", said the report.

The ransomware also accessed 56,000 payment records.

In addition, the Bangladesh Telegraph and Telephone Board was boarded with over 20,000 malware infections linked to ransomware strains, found the report.

Mobile network operator Grameenphone Ltd had 12,549 such breaches, while Axiata (Bangladesh) Ltd had 8,573 malware infections resembling ransomware. Banglalink and Teletalk Bangladesh Ltd had 2,514 and 2,353 infections respectively, the report said.

Internet service provider Link3 Technologies Ltd had 7,552 malware infections, Mazeda Networks Limited, Aamra Networks Ltd, Antaranga Dot Com Ld, Fibernet Networks, outsourcing company Digicon Telecommunication Ltd and tech company Systems Solutions & Development Technologies Limited and others each faced over a thousand malware infections linked to ransomware strains.

"Building an accurate picture of ransomware threats remains challenging in Bangladesh due to the reluctance of reporting cyber incidents, ransomware in particular," said the report.

They recommended that reporting incidents of breach must be made mandatory.