BD Banks Vulnerable To Cyber Attacks

Written by- Nahid Farzana

The investment in cyber security is very less on the banks of Bangladesh. Every day various big and small cyber-attacks are occurring. The recent bank heist in February 2016 abled hackers to steal over $80 Million from the Federal Reserve’s Bangladesh. For creating awareness, various events and seminars are being held.

One such seminar was held on this Saturday by the Chief Technical Officer (CTO) Forum Bangladesh. Md Mahbubur Rahman Alam, associate professor of Bangladesh Institute of Bank Management (BIBM) revealed from his study that- “Banks of Bangladesh face up to 300 malicious software attacks a day. Local hackers make 60 percent of these attacks.” The banks are not being sincere enough about the IT security even after the heist. He also said, “8 percent management are reluctant to invest in IT and 24 percent will wait for the central bank’s directives.”

Preventive measures are lacking far behind what is actually required. Every year about Taka 10 billion is invested in the IT process in banking segment in our country. But from the overall budget, a major portion goes to buying hardware first, and only 4 percent is being used for security purposes and 2 percent for training. Subhendu Saha, head of commercial sales for the Asia Pacific Japan region for FireEye said, “It takes about 164 days just to know that the security has been breached.”

According to security experts, a company must have the capabilities to identify, detect, protect, respond to and recover cyber security management. But a majority of CTO of banks do not know about them. The whole investment should be increased in improving the cyber security and making the banks aware and knowledgeable about those securities.

DLP- Data Leakage Prevention solution which is used to protect sensitive data and potential data breach, is absent in 91 percent of the banks. Information sharing and analysis center should be set up to inform banks about any incident happening. The time required in being notified is making the system more vulnerable. Immediate steps should be taken for the security purposes of the banks before it’s too late.

This news was brought to you by –

SD Asia Desk