Awareness after 2014 Sonali Bank hack might've prevented 2016 BB heist

Says National Cyber Security Agency Director General Abu Sayed Md Kamruzzaman

---

Ismail Hossain | Published: January 16, 2025 21:53:16

---

National Cyber Security Agency (NCSA) Director General Abu Sayed Md Kamruzzaman on Wednesday said the 2016 Bangladesh Bank heist might have been prevented had cybersecurity been taken more seriously following the 2014 Sonali Bank hacking.
He voiced concerns over missed opportunities to strengthen cybersecurity in Bangladesh, particularly in the aftermath of the major hacking incidents, including the Sonali Bank hack.
Speaking at a conference at Krishibid Institution Bangladesh in the capital, he called for a heightened sense of urgency among stakeholders and emphasised the need for robust cybersecurity measures to prevent future breaches.
It was a pre-cyber drill conference arranged ahead of the day-long cybersecurity drill titled "1st Agile Cyber Drill-2025," which will be held on February 26 with the participation of 200 local corporate firms, microfinance institutions, IT service providers, and organisations.
Kamruzzaman noted the challenges many chief technology officers face while convincing their chief executive officers of the critical importance of cybersecurity investments, which often lack immediate financial returns.
The NCSA official also urged the Bangladesh Association of Software and Information Services (BASIS) to prioritise practical training over promotional activities. "BASIS should allocate more funds for drills and competitions to train students and prepare them for the workforce," he added.
Congratulating AGS Quality Action, organiser of the drill, on its initiative, Kamruzzaman added, "Cyber drills have been organised for the past three years under the government's BGD e-GOV CIRT project despite numerous challenges."
The primary goal of the February event is to raise awareness and enhance preparedness against cyberattacks, Ahsan Habib, managing director of AGS Quality Action, told The Financial Express.
Technical partners of the event include Bangladesh Computer Society and the CTF platform managed by BGD e-GOV CIRT under the ICT ministry.
The drill will involve 150 professional cybersecurity engineers and ethical hackers from Bangladesh Computer Society who will support participating organisations to conduct exercises.
Habib said each organisation is required to pay Tk 60,000 to participate, adding 157 private firms and corporate entities have registered so far.
After a technical evaluation of their skills and capabilities to mitigate cyber threats, the participating organisations will be formally awarded on March 9.
As part of the initiative, all participants will also receive a month-long cybersecurity penetration testing service free of charge to assess their existing cybersecurity measures and identify areas of improvement.
Wednesday's event featured a diverse panel that discussed key cybersecurity topics, including ransomware, risk assessment, threat modelling, cost-effective strategies, fault tolerance, redundancy, and load balancing.
Fahad Zaman Chowdhury, joint director (ICT) at the Bangladesh Bank and a panellist at the conference, emphasised the importance of comprehensive security awareness initiatives.
He advocated for regular employee training in technical security, phishing simulations, and social engineering, as well as ongoing practices, such as vulnerability management, incident response planning, and continuous monitoring.
"While regulations like the General Data Protection Regulation (GDPR) are specific to Europe, adopting similar security standards would greatly benefit us," he noted, adding organisations could follow the Bangladesh Bank's ICT security guidelines to strengthen their defences. ICT Secretary Shish Haider Chowdhury was present as the chief guest at the opening ceremony of the conference.
Director General of Bangladesh Accreditation Board Md Anwarul Alam, BASIS Associate Committee Chairman Rafel Kabir, Bangladesh Computer Council Executive Director Dr Muhammed Mehedi Hassan, BASIS Associate Committee Member (Finance) Fouzia Nigar Sultana, and Bangladesh Computer Society Vice-President (Academic) Zainal Abedin were present as special guests in the event. Chief Executive Officer and Director of AGS Quality Action Major (retd) Mahbubul Haque presided over the opening ceremony and the organisation's Managing Director Habib delivered the welcome speech.
bdsmile@gmail.com