by Zyma Islam in The Daily Star, Aug 16,
Amidst a high alert for cyber-attacks by Indian hackers, both government and private institutions saw a number of such attacks, along with data leaks.
Institutions exposed and hit with data leaks include the Investment Corporation of Bangladesh and Directorate General of Health Services.
The ICB leak was significantly large as there was information of around 10,000 investors and investment applicants.
The data also includes information about those investing in government mutual funds, and consists names, addresses and bank account numbers.
Meanwhile, the DGHS’s exposed data includes statistics on revenue collection from government hospitals.
Hackers also claimed they grabbed data of 40,000 records of the central bank, and shared a screenshot image of 40 records as proof.
The Daily Star, however, could not verify the claim since no such leak was shared as of yet.
The groups also leaked the details of a handful of users from the land tax portal of the land ministry.
Several other organisations faced low-level attacks on their websites, ranging from defacements to sites being taken down for certain time periods.
This includes websites of different police units, ticketing websites and some bank websites. However, almost all of them were recovered within hours.
Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) had issued an alert earlier this month, stating that some religious and ideologically motivated underground hacker groups had declared they would launch a coordinated storm of cyber-attacks on Bangladesh’s cyberspace on August 15.
The team had warned all to take precautionary measures and be vigilant against these attacks.
Precautionary measures have been taken with the help of Rapid Action Battalion at various government institutions and banks as there are cyber-attack threats, said Commander Khandaker Al Moin, director of Rab’s Legal and Media Wing, at a press conference at the Rab Media Centre yesterday.
The hacker groups also claimed they got access to Rab data, sharing a small-scale leak as proof, but The Daily Star found it to be dating back to 2013, when an alleged hack was executed.
This is the second such alleged leak concerning ICB this year, with the first one occurring on June 20 this year, according to a previous report by The Daily Star.
An earlier press release by the CIRT had said, “The [hacker] group claimed to compromise Bangladesh’s state-owned investment company, and exfiltrated data of over 100,000 investors and investment applicants. The threat group shared a single screenshot as proof of compromise and planned to release the data after successful exfiltration.”
These attacks follow a series of such assaults taking place since March, some of which had seen much larger leaks comprising the data of lakhs of citizens’ being released into the public domain.
“Over the past 15 days, various types of government organisations approached CIRT to secure their systems, and because of that preparation, we have not seen any assault as big as had been threatened. However, we have been working round-the-clock to identify the attacks, and rectify the damage,” said CIRT project director Mohammad Saiful Alam Khan. https://www.thedailystar.net/news/bangladesh/crime-justice/news/websites-25-govt-pvt-institutions-hacked-3395101