Published on 08:27 PM, August 04, 2023

Country at risk of targeted cyber attack on August 15, says CIRT

The threat alert as shown in the CIRT press release. Image: Tech & Startup Desk

According to a press release issued by the Bangladesh Government's Computer Incident Response Team (BGD e-GOV CIRT) and signed by CIRT Project Director Engr. Mohammad Saiful Alam Khan, the country is facing an imminent cyber threat on August 15. The alert was issued in response to a declaration by religiously and ideologically motivated underground hacker groups, which have threatened to launch a series of cyber-attacks against Bangladesh's cyberspace on that date.

The hacker groups, claiming to be 'hacktivist' organisations, have a history of targeting organisations in Bangladesh and neighbouring Pakistan, as highlighted in the CIRT press release. Their attack tactics include Distributed Denial-of-Service (DDoS) attacks, website defacements, and the use of malicious PHP shells as backdoors to drop payloads. Government and military bodies, law enforcement agencies, banks, pharmaceutical companies, retail and industrial organisations, and the energy and education sectors have been identified as their top targets.

According to BGD e-GOV CIRT, on August 1, a hacker group claimed responsibility for a cyber-attack on Bangladesh's Payment Gateway and several law enforcement and banking organisations. On July 3, a DDoS attack temporarily disrupted a Bangladeshi transportation service by making its website unavailable for an hour. On June 27, a hacker group defaced the website of a government college and provided web archives as evidence. Similarly, on June 24, a health organisation's website was defaced, and the attackers shared web archives to support their claims.

Of particular concern, according to the CIRT press release, was an attack on June 20, where the hackers claimed to have compromised Bangladesh's state-owned investment company, gaining access to data from over 100,000 investors and investment applicants. They shared a single screenshot as proof and threatened to release the data after successful exfiltration.

BGD e-GOV CIRT, through its official press release, has urged all organisations within Bangladesh to take precautionary measures to safeguard their infrastructure. Its recommendations include implementing 24/7 network and user activity monitoring, deploying Web Application Firewalls to filter out malicious requests, using load balancers to distribute server load during attacks, and securely configuring vital services like DNS and NTP.

Organisations are also advised to maintain regular backups of website content and databases, enforce HTTPS with SSL/TLS encryption, and keep all web server software up to date with the latest security patches.