‘Cybercriminals are creating new methods of hacking’

The Speedy Motion Battalion (RAB) on Sunday busted a hoop that hacked into the server of Laptop Community Techniques and scammed Tk1.20 crore via pretend cash receipts. The software program agency is affiliated with the Bangladesh Street Transport Authority (BRTA). 

On the finish of 2022, the identical ring hacked the Dhaka Electrical Provide Firm Restricted web site and scammed round Tk1.50 crore by faking cash transaction accounts.

The regulation enforcement company members launched drives and arrested six members of the ring together with ringleader laptop engineer Sharear Islam from Dhaka and Gazipur final week.

We’ve got seen incidents of hacking and phishing within the nation earlier than. Do you see something new within the newest hacking of BRTA and DESCO’s fee gateways? 

There’s a new dimension within the BRTA hacking incident. The hackers often take the cash away. However we now have seen a special image on this case. Based on newspapers, the hackers offered the service to the shoppers and gave the shoppers pretend receipts. It is a severe subject. 

I’d say each BRTA and DESCO are simply victims. Cybercriminals or hackers all the time seek for weak web sites and launch assaults on web sites which have safety loopholes. If hackers need, they will goal 50 extra web sites as a result of the safety measures are very weak on many web sites. 

BRTA has been finishing up the job with the assistance of a third-party vendor. The most recent incident signifies that cybercriminals have gotten subtle and they’re creating new methods of hacking. 

The hackers have hacked the fee gateway of BRTA and the hackers have been profitable in exhibiting that the cash has been paid with out the fee of cash. 

Normally, when the transaction is accomplished in banks, then the software program reveals that the fee is finished. However on this case, the hackers bypassed the method of the transaction within the financial institution. The hackers took the cash from the purchasers however they could have stored the cash of their accounts or some other place. 

What sort of initiatives ought to the federal government take now to minimise cyber-attacks or hacking? 

You already know, in lots of workplaces, the job is finished by totally different software program corporations on behalf of the federal government company. At any time when the federal government will purchase providers from a 3rd get together, the federal government should ask distributors to make it possible for ample safety measures have been taken. If not, the federal government should make them take correct safety measures. 

Safety could be breached at any time however the corporations should take preventive measures. There are variations between software program and high quality software program. For high quality software program safety is a significant concern. We should be up to date because the criminals have gotten increasingly expert.

You’ll be able to by no means inform that you’ve got made 100% safe software program however it’s a must to take the safety measures. For those who make a home and maintain a window damaged, a thief might enter the home. You’ll make the home in such a manner {that a} thief can not enter it. You’ll have to make software program in the identical manner. You’ll have to plug up the holes in order that criminals can not enter. Within the case of software program improvement, the developer firm should maintain this in thoughts how the software program could be attacked and at what locations, particularly the fee processing software program and providers.

To regulate cybercriminals, the regulation enforcement company in addition to software program corporations should spend money on safety measures for his or her software program. On the similar time, we should remember [of the current threats and risks]. We should create manpower to counter the cybercriminals now. 

In a public assembly in 2021, State Minister for ICT Zunaid Ahmed Palak mentioned Bangladesh might be changed into a cyber safety service suppliers’ hub. Is it attainable to make Bangladesh a cyber safety service hub? 

Every thing is feasible. However solely imaginative and prescient is not going to do. You have to plans, preparation and execution of the plan. We can not sit idle with a plan or imaginative and prescient. Are we offering coaching to folks, or are we establishing coaching centres? 

We have to implement the plans. Some works are seen however we now have to emphasize extra on the problem as a result of this stuff have gotten increasingly essential. We’ve got to speculate extra in safety measures and we should focus extra on the safety points.

In the interim, we would not have that many cybersecurity specialists within the nation. Just a few universities have programs on cyber safety. There isn’t a scope for relying solely on the colleges. We should arrange a separate coaching centre to create cybersecurity specialists. We would not have a single world-class cybersecurity analysis centre within the nation. We should always have multiple. The federal government ought to take extra initiative on that.

All authorities companies within the nation have a separate IT division so it’s necessary for us to have cybersecurity specialists within the workplaces. In any other case, how will they deal with the safety points if they don’t have any safety specialists?