In a recent press release by the Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT), concerns have been raised over an imminent cyber threat the country is likely to face on August 15. This alert comes in response to declarations made by religious and ideologically motivated underground hacker groups, who have threatened to carry out a series of cyber-attacks against Bangladesh’s cyberspace on the specified date.
The hacker groups, identifying themselves as ‘hacktivist’ organizations, have a history of targeting entities both in Bangladesh and neighboring Pakistan, as highlighted by the CIRT press release. Their tactics include launching Distributed Denial-of-Service (DDoS) attacks, defacing websites, and utilizing malicious PHP shells as backdoors to drop payloads. The main targets identified by the hacker groups are government and military bodies, law enforcement agencies, banks, pharmaceutical companies, retail and industrial organizations, energy, and education sectors.
The recent activities of these hacker groups mentioned in the press release include an attack on August 1, where they claimed responsibility for a cyber-attack on Bangladesh’s Payment Gateway and various law enforcement and banking organizations. Additionally, on July 3, a DDoS attack temporarily disrupted a Bangladeshi transportation service by making their website unavailable for an hour. On June 27, a hacker group defaced the website of a government college and provided web archives as evidence of their actions. Similarly, on June 24, a health organization’s website was defaced, and the attackers shared web archives to support their claims.
Of particular concern is an attack on June 20, where the hackers claimed to have compromised Bangladesh’s state-owned investment company and accessed data from over 100,000 investors and investment applicants. They shared a single screenshot as proof and threatened to release the data after successful exfiltration.
To mitigate the potential impact of these cyber-attacks, BGD e-Gov CIRT has urged all organizations within Bangladesh to take precautionary measures in safeguarding their infrastructures. Recommendations outlined in the press release include implementing 24/7 network and user activity monitoring, deploying Web Application Firewalls to filter out malicious requests, ensuring load balancer solutions to distribute server load during attacks, and securely configuring vital services like DNS and NTP.
Furthermore, organizations are advised to maintain regular backups of website content and databases, enforce HTTPS with SSL/TLS encryption, and keep all web server software up-to-date with the latest security patches.
In light of the impending threat, vigilance and adherence to these security –measures are crucial for the protection of Bangladesh’s cyberspace and the entities operating within it.
