BB data server at high risk of cyber attack
Malware, suspicious IP addresses found
Syful Islam | Wednesday, 17 April 2019
The data server of the central bank has been found to be at high risk of a cyber attack as hackers have reportedly again installed malware there, officials have said.
Malware in the central server of the Bangladesh Bank (BB) creates scope for hacker intrusion and stealing money by placing fraudulent orders, they added.
In March, the Bangladesh Computer Council (BCC) monitored the server for 21 days and found it to be at "high risk" of compromise, the officials stated.
In 2016, for the first time in the country's history, cyber fraudsters stole $101 million from the BB's account with the New York Fed by accessing its network.
The BB sued Manila-based Rizal Commercial Banking Corporation (RCBC) this February to recover the heist funds.
According to sources, the BCC installed a cyber sensor at the data centre under a memorandum of understanding (MoU) to monitor any possible cyber attacks.
Reviewing the information received between March 11 and March 31, computer systems analysts of the council found the presence of malware in the BB's network.
They found links between the BB's Internet Protocol (IP) address and suspicious IP addresses in the United States, Russia and the Netherlands.
The investigators also found malware being downloaded on the server of the country's banking regulator.
They saw the web communication of the central bank's IP address with suspicious IP addresses located in the USA, Russia, Romania, the Netherlands and Germany.
The BCC officials further found that data were being sent and received between the BB's server and suspicious servers located in the USA, Canada and Germany.
Those suspicious servers have been identified as ransomware infrastructure.
Owing to some faults, hackers have paved a path for attacking the BB's server using ransomware, they said.
"The data of a server attacked by ransomware becomes encrypted by hackers demanding ransom. Recovering the data remains a tough task despite making a payment," according to the BCC officials.
On March 31, the BCC sent a technical report to the BB citing the fault lines of its server and called for measures to prevent an intrusion by hackers into its network.
Contacted by telephone on Tuesday, BB executive director for Information Systems Development and Support Department Debdulal Roy acknowledged receiving such a report but said they were yet to go through it.
Chief maintenance engineer of the central bank Muhammad Zakir Hasan also did not comment on this report, citing that he was not authorised to speak to the media.
A BCC official, however, said most of the computer networks and servers in Bangladesh are at high risk of cyber attacks.
In recent months, he said, the BB took preventive measures. So, attacking its server would not be so easy.
In November 2017, hackers tried to enter the BB network but failed due to two-stage monitoring -- one by BB engineers and another by BCC engineers.
Later, the hackers stole $4.4 million from a bank in Nepal, the official disclosed.
"Cyber attack is a global phenomenon and Bangladesh is also under threat," he said.
"We have to enhance our capacity to prevent such possible cyber attacks," the official observed.